Hi everbody!
I would like to use Endian 2.3 with my Zimbra 6.02 user base (LDAP).
I find a way of get authentication/policies to work if I manually edit, for example, /etc/squid/groups/rule0. But the "trick" only work for user based authentication...
HTTP proxy: Authentication
==========================
Authentication Method: LDAP (v2, v3, Novell eDirectory, AD)
Authentication settings:
- Authentication Realm: Endian Proxy Server
- Number of Authentication Children: 20
- Authentication cache TTL (in minutes): 60
- Number of different ips per user: 0
- User / IP cache TTL (in minutes): 0
LDAP specific settings:
- LDAP server: zimbra.example.com
- Port of LDAP server: 389
- Bind DN settings: dc=example,dc=com
- LDAP type: LDAP v3 Server
- Bind DN username: uid=zmposix,cn=appaccts,cn=zimbra
- Bind DN password: ******** :)
- user objectClass: posixAccount
- group objectClass: posixGroup
In
Access Policy I changed "filter for virus" policy "Authgroup/-user" from "not required" to "uid=john.doe,ou=people,dc=example,dc=com".
But when I try to access, after enter user/password in browser window I always get denied.
I discovered that if I edit /etc/squid/group/rule0 and leave only "john.doe" authentication begins to work as expected.
I tested this with other usernames and only work if I remove the LDAP stuff "uid=x,ou=x,dc=z..." and leave only username (uid).
With groups this approach doesn´t work. Either full group name or only short name doesn´t work.
Do you think I discovered a bug?
Any ideas of how to make this work?
It´s essential for my deploy scenario that I get HTTP proxy authentication & policies (user/group) working with Zimbra LDAP.
Thanking in advance,
MosoCMS