EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Friday 27 December 2024, 10:17:30 pm
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
The Latest Endian Firewall is now available for download
HERE
14262
Posts in
4377
Topics by
6517
Members
Latest Member:
Sandro
Search:
Advanced search
EFW Support
Support
General Support
Endian 3 Proxy Authenticating via LDAP
0 Members and 1 Guest are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: Endian 3 Proxy Authenticating via LDAP (Read 25575 times)
ricardo.claus
Full Member
Offline
Posts: 30
Endian 3 Proxy Authenticating via LDAP
«
on:
Monday 25 January 2016, 11:00:09 pm »
Dear,
I'm trying to set up authentication by Access Group in Windows 2012 R2 via LDAP in Endian 3.0.5 Beta1, however unsuccessfully.
Proxy configured as non-transparent.
The machines customers to enter user / password field, authentication is not recognized.
The machines were tested clients: Win7, win8 and Win2008R2
Viewing the log of the Squid cache, this error appears:
basic_ldap_auth.cc (684): pid = 28593: user filter '(& (objectClass = person) (uid = iuser))', searchbase 'DC = domain, DC = local'
basic_ldap_auth: WARNING, LDAP search error 'Operations error'
In the settings options, I used these options:
LDAP specific settings:
LDAP server: IP AD server
Port of LDAP server: 389
Bind DN settings: DC = domain, DC = local
Type LDAP: LDAP v3 (Also tried with Active Directory Server)
Bind DN username: CN = Administrator, CN = Users, DC = domain, DC = local
user objectClass: person
group objectClass: group
I can enter the Endian in AD normally, however the navigation is refused.
Could someone give me a hint?
Thank you!
Logged
ricardo.claus
Full Member
Offline
Posts: 30
Re: Endian 3 Proxy Authenticating via LDAP
«
Reply #1 on:
Tuesday 26 January 2016, 10:08:05 pm »
Already configured the proxy with NTLM, it works very well.
Here the company authentication via LDAP is critical because some machines will be outside the realm, beyond the visitors we receive here.
I can see the groups and users, set up when the policy.
Even typing User and password, the squid does not release the navigation.
I tested it with several users ...
The log keeps pointing this error:
basic_ldap_auth.cc (684): pid = 18085: user filter '(& (objectClass = person) (uid = iuser))', searchbase 'DC = domain, DC = local'
basic_ldap_auth: WARNING, LDAP search error 'Operations error'
Anyone know how to solve the problem?
Logged
dda
Sr. Member
Offline
Posts: 227
Re: Endian 3 Proxy Authenticating via LDAP
«
Reply #2 on:
Wednesday 03 February 2016, 01:02:34 am »
Try this
http://www.efwsupport.com/index.php?topic=1001.0
Logged
ricardo.claus
Full Member
Offline
Posts: 30
Re: Endian 3 Proxy Authenticating via LDAP
«
Reply #3 on:
Wednesday 03 February 2016, 05:47:06 am »
Dear DDA,
I appreciate your help.
I read the hint that you sent me.
I realized some changes in the configuration fields.
Now I no longer see this error:
basic_ldap_auth: WARNING, LDAP search error 'Operations error'
But still the problem in navigation.
When I type the User and password in the login screen, the proxy does not release. What I see this in the log cache.log:
basic_ldap_auth.cc (684): pid = 19812: user filter '(& (objectClass = person) (uid = IUSER))', searchbase 'CN = Users, DC = domain, DC = local'
basic_ldap_auth.cc (706): pid = 19812: Ldap search returned nothing
The above error, it's like the User and Password that digitel, were not found in AD.
When I run this command in Terminal, I can usually consult any User registered in my AD.
From the Endian terminal, I run this command:
/ usr / lib / squid / basic_ldap_auth -R -b "dc = domain, dc = local" -D "cn = Administrator, CN = Users, DC = domain, dc = local" -w "password" -f sAMAccountName =% s -h 10.16.16.11
I type the User and Password, and get this success message:
"OK"
with this result I conclude that the LDAP query via terminal, works perfectly.
Logged
dda
Sr. Member
Offline
Posts: 227
Re: Endian 3 Proxy Authenticating via LDAP
«
Reply #4 on:
Wednesday 03 February 2016, 09:38:32 am »
When you got to -proxy-accesspolicy- enable authentication does the list of users and groups drop down?
Logged
ricardo.claus
Full Member
Offline
Posts: 30
Re: Endian 3 Proxy Authenticating via LDAP
«
Reply #5 on:
Thursday 04 February 2016, 12:05:54 am »
Yes, Access Policy I can select User authentication or group. Yes can view the AD users and groups.
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.078 seconds with 17 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com