Hola! He montado a Samba+Ldap para que me funcione como PDC y hasta todo va bien . Ahora le he puesto squid para el acceso a internet a los clientes y he querido que estos se autentifiquen contra mi Ldap pero al pedirme la clave y password se la pongo pero me dice como si no existiera, es decir, vuelve y me la pide y no me permite navegar. Mi configuración de Squid es esta: #========================================== http_port 3128 cache_mem 32 MB cache_swap_low 90 cache_swap_high 95 maximum_object_size 8192 KB ipcache_size 2048 ipcache_low 90 ipcache_high 95 fqdncache_size 2048 cache_dir ufs /var/spool/squid 2000 16 256 cache_access_log /var/log/squid/access.log cache_log /var/log/squid/cache.log cache_store_log /var/log/squid/store.log hosts_file /etc/hosts # #redirect_program /usr/bin/squidGuard icon_directory /usr/share/squid/icons short_icon_urls on error_directory /usr/share/squid/errors/Spanish coredump_dir /var/spool/squid #===================================================== #Recommended minimum configuration: acl all src all acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 # https acl SSL_ports port 563 # snews acl SSL_ports port 873 # rsync acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 631 # cups acl Safe_ports port 873 # rsync acl Safe_ports port 901 # SWAT acl purge method PURGE acl CONNECT method CONNECT #=================================================================== auth_param basic program /usr/lib/squid/ldap_auth -v 3 -b "dc=jq,dc=org" -f uid=%s 127.0.0.1 auth_param basic realm Para loguearse entre Usuario+Password auth_param basic children 10 auth_param basic credentialsttl 1 hours #===============LdapGroups============== external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -v 3 -b "ou=internet,dc=jq,dc=org" -f "(&(cn=%g)(memberUid=%v))" -h 127.0.0.1 acl ldap-auth proxy_auth REQUIRED http_access deny !ldap-auth acl ldapgroup-enabled external ldap_group internet deny_info denied-ldapenabled ldapgroup-enabled http_access deny !ldapgroup-enabled http_access deny all *-------------------------------------------------------* *-Edwin Quijada *-Developer DataBase *-JQ Microsistemas *-Soporte PostgreSQL *-www.jqmicrosistemas.com *-809-849-8087 *-------------------------------------------------------* |