forum.lissyara.su

Иногда, правильный удар в бубен, приводит в чувство целое племя...
https://forum.lissyara.su/

проблема SquidGuard +LDAP

https://forum.lissyara.su/viewtopic.php?f=53&t=36683

Страница 1 из 1

проблема SquidGuard +LDAP

Добавлено: 2012-05-24 9:49:00
alekseyeng
Добрый день! прошу очень помочь кто может. Имеется сервер Ad windows 2003. Хотелось чтоб squid авторизацию брал с АД.

(squidGuard.conf)

Код: Выделить всё

#!/bin/sh
# (for further configuration options see the
# documentation and http://www.squidguard.org/)
#
dbhome /usr/local/squidGuard/db/blacklists
logdir /usr/local/squidGuard/log

#
# TIME RULES:
# abbrev for weekdays:
#
# SOURCE ADDRESSES
#
#
ldapbinddn cn=inet_group, ou=inet, dc=company, dc=loc
ldapbindpass 123456
# ldap cache time in seconds
ldapcachetime 300
src ldap_users {

ldapusersearch ldap://company.loc:3268/DC=company,DC=loc?userPrincipalName?sub?(&(userPrincipalName=%s)(memberOf=CN=inet_group,OU=inet,DC=company,DC=lo))


# DESTINATION CLASSES
#
dest ads {
        domainlist ads/domains
        urllist ads/urls
        #redirect http://gtwcorb/1x1.gif

}
dest aggressive {
        domainlist aggressive/domains
        urllist aggressive/urls
}

#dest banners {
#       domainlist banners/domains
#       expressionlist banners/expressions
#       urllist banners/urls
#       redirect http://gtw/1.gif
#
#}
dest audio-video {
        domainlist audio-video/domains
        urllist audio-video/urls
}
dest files {
        expressionlist files/expressions
        redirect http://server/cgi-bin/files.cgi?clientaddr=%a&clientuse...
}

dest drugs {
        domainlist drugs/domains
        urllist drugs/urls
}
dest gambling {
        domainlist gambling/domains
        urllist gambling/urls
}
dest hacking {
        domainlist hacking/domains
        urllist hacking/urls
}
dest mail {
        domainlist mail/domains
        expressionlist mail/expressions
        log mail.log
}
dest porn {
        domainlist porn/domains
        urllist porn/urls
        expressionlist porn/expressions
##      log anonymous  porn.log
        log porno.log
}
dest proxy {
        domainlist proxy/domains
        urllist proxy/urls
}

dest redirector {
        domainlist redirector/domains
        urllist redirector/urls
}
dest violence {
        domainlist violence/domains
        urllist violence/urls
        expressionlist violence/expressions
}
dest warez {
        domainlist warez/domains
        urllist warez/urls
}
dest good
        {
        domainlist good/domains
        expressionlist good/expressions
        }

#dest third_access
        {
#        domainlist third_access/domains
#        }

#dest second_access
#        {
#        domainlist second_access/domains
#        }

dest local-block
        {
        domainlist local-block/domains
        expressionlist local-block/expressions
        log local-block.log
        }

dest RF-block
        {
        domainlist RF/domains
        log RF-block.log
        }


dest services
        {
        domainlist services/domains
        log services-block.log
        }

acl {
     ldap_users {
         pass  any
        pass  good !local-block !redirector !aggressive !audio-video !drugs !gambling !hacking !mail !porn !proxy !violence !warez all
        !ads !aggressive !audio-video !drugs !gambling !hacking !mail !porn !proxy !
в логах ругается на синтактическую ошибку ldapusersearch
что не так подскажи в этой строчке ?

Re: проблема SquidGuard +LDAP

Добавлено: 2012-05-24 16:31:07
m0ps
для начала поправь
ldapusersearch ldap://company.loc:3268/DC=company,DC=loc?userPrincipalName?sub?(&(userPrincipalName=%s)(memberOf=CN=inet_group,OU=inet,DC=company,DC=loс))
Часовой пояс: UTC+03:00
Страница 1 из 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/