Squid auth failed

  • Hi,
    We've got some problem to authenticate user via the active directory.
    It works except for people having french charaters in there password (ie. école, très, …)

    Is there a way to change that ?

  • Nobody encounter this problem of accent characters ?

  • Sounds like a Squid issue.  I would search the Squid mailing lists here:

  • So ?
    Did you find something on squid for my problem ?

  • Your post is a bit light on information but my guess is you are seeing the old UTF8 problem.

    If you Google it you will get loads of posts telling you to not use accented characters in AD passwords if you use any form of LDAPv2 authentication and I'm assuming you are using squid_ldap_auth or one of it's variants. The fix is to update your AD servers to use LDAPv3 which does use UTF8 encoding.

  • I'm actually using a v3 ldap version. So I'm not sure the problem is the same. Am I wrong with that ?
    How to be sure to use the good version of squid_ldap_auth ?

  • A quick way to see if squid_ldap_auth is working properly is to start a packet capture and then get a user to attempt to authenticate using a password with an extended character in it. You should get both sides of the conversation and then post it here so I can see what's going on.

    I forgot to ask, which version of Squid do you have installed?

  • I'v got version 2.6.21_10, but just see that a new version is out (v2.7.7)
    I'll try an update tomorrow and try a capture if the problem still exist

  • yes 2.6 is the original pkg branch for FreeBSD 7 when it was released and as you have now guessed it did not support the utf8  on|off tag. when you upgrade to 2.7.7 just turn it on in the squid.conf file

  • Thks for your response Gloom  but can't manage to find where to switch on utf8 support  :-[
    If I change it in squid.conf, it will not be persistent. Is there the same option on squid.inc ?

  • yes you should just be able to insert a line like

    auth_parm utf8 on

    then restart squid and hopefully your users can enjoy passwords with accented characters

Log in to reply