If you would like to receive announcements about changes to this project, please subscribe to the announce mailing list. There is also a help mailing list. If you would like to help others use group-ldap-auth, or are looking for help, please subscribe.
The current and supported release is the 1.4 release for 2.4 STABLE7 (released 2002-09-23).
If you are looking for information on releases for Squid 2.3, look here.
How do I install the patch?
First, gunzip the patch file. Then go to the top of the squid source directory and run the patch command stripping off the first two parts of the path. Example:
% cd ~/src/squid-2.4.STABLE6/
% patch -p2 < ~/group-ldap-auth.diff-2.4.STABLE6-1.3
Can I use group-ldap-auth with Microsoft's Active Directory?
The following was submitted from a user:
I use it [version 1.4] with an SSL-enabled Active Directory Server with the following configuration: ldap_auth_program /usr/lib/squid/group_ldap_auth -b dc=my-domain,dc=de -h \ server.my-domain.de -p 636 -g distinguishedName -d CN=lookup,OU=Services,\ OU=Users,DC=my-domain,DC=de -w lookup -u cn -m member -o group -S -l \ /var/log/squid/ldaplog acl ldap_backoffice ldap_auth static 'CN=BackOffice,OU=Groups,dc=my-domain,dc=de' acl ldap_management ldap_auth static 'CN=Management,OU=Groups,dc=my-domain,dc=de' acl ldap_it-service ldap_auth static 'CN=IT-Service,OU=Groups,dc=my-domain,dc=de' acl ldap_development ldap_auth static 'CN=DEVELOPMENT,OU=Groups,dc=my-domain,dc=de' http_access allow ldap_development http_access allow ldap_backoffice http_access allow ldap_management http_access allow ldap_it-service http_access deny all Microsoft AD uses 'cn' as the uid attribute, 'group' as objectclass that defines a group and 'distinguishedName' as the attribute that identifies a group. With these settings group_ldap_auth runs out of the box and you can use your Microsoft AD groups to authenticate.
email me with any questions.
