Squidguard - doesn't work Ldap search by groups



  • There are Pfsense 2.3.5, squid, squidguard configured according to the instructions from the site pf2ad.mundounix.com.br

    Problem: the group filter ldapusersearch ldap doesn't work: ldapusersearch ldap://192.168.0.100/DC=domain,DC=com?SAMAccountName?Sub?(&(SAMAccountName=%s)(memberOf=CN=FullAccess%2cOU=Internet%2cDC= domain%2cDC=com))

    The user is authorized, but squidguard considers that it is in the target default. He does not allow you to go to sites.
    Log squidGuard: ldap_simple_bind_s failed: Invalid credentials

    1. What needs to be corrected for the user to be in group acl? (group acl is created with the rule of access to the Internet)
    2. Why doesn't  ldap authorization work in squid?



  • Hi Rarog, I'm working in the integration pfsense-2.4.1 SG vs win server 2012 r2 AD, are u?

    or is a Linux LDAP?

    If is AD, what is your status?

    I'm interest in.

    Thanks.



  • @periko:

    Hi Rarog, I'm working in the integration pfsense-2.4.1 SG vs win server 2012 r2 AD, are u?

    or is a Linux LDAP?

    If is AD, what is your status?

    I'm interest in.

    Thanks.

    I solved this problem today. In pFsense, Squid Authentication Method LDAP works on port 3268, not 389 on Windows Server 2012 R2 AD. So, pf2ad not needed.

    Squidguard works with simple password without symbols.



  • @Rarog I have the same problem my friend!!
    so how did u solve it??
    where did u chage the port setting to 3268 ??
    and about the AD password I use "pa$$w0rd' so you suggest me to change it?


Log in to reply