What is LDAP?
The directory service model of the LDAP server is based on a worldwide directory model known as LDAP (Lightweight Directory Access Protocol). Both LDAP Version 2 (V2) and LDAP Version 3 (V3) are TCP/IP-based directory service protocols supported by z/OS.
The Lightweight Directory Access Protocol is used by LDAP servers (such as OpenLDAP or others). To use Squid LDAP authentication, use the auth param option in Squid.conf to specify which program to use. You define the program’s name as well as command-line parameters.
The squid LDAP auth helper is included with Squid. Squid can connect to an LDAP directory using this helper for validating the user name and password for Basic HTTP authentication. This helper can be found in the /usr/local/squid/libexec/, /usr/lib/squid/, and /usr/lib64/squid/ directories.
Step #1: Verify that Squid can communicate with the LDAP server.
Make sure the squid supports LDAP authentication before configuring it. Fill in the blanks with the following command:
# /usr/lib/squid/squid_ldap_auth -b “dc=nixcraft,dc=com” -f “uid=%s” ldap.nixcraft.com
Once you click enter key you need to enter UID and password using following format:
USERID blankspace PASSWORD
You will see “ok” if it can connect to the LDAP server.
Step # 2: Configuration
Open your squid.conf file:
# vi /etc/squid/squid.conf
The next code, which specifies the base DN under which your users are located and the LDAP server name, must be included next.
auth_param basic program /usr/lib/squid/squid_ldap_auth -b “dc=nixcraft,dc=com” -f “uid=%s” -h ldap.nixcraft.com
acl ldapauth proxy_auth REQUIRED
http_access allow ldapauth
http_access deny all
The following step is to save and close the file. To make changes, restart Squid.
# /etc/init.d/squid restart
Zimbra LDAP With Squid
Next step you need to use it as follows
/usr/lib/squid/squid_ldap_auth -v 3 -b dc=zimbra,dc=example,dc=com -f “(&(uid=%s)(objectClass=zimbraAccount))” -h zimbra.example.com
Squid authentication against Microsoft’s Active Directory
I’ve never used the group LDAP auth helper with Microsoft Active Directory. However, someone (a user) suggested the following approach. In squid. conf, add the following configuration directive:
ldap_auth_program /usr/lib/squid/group_ldap_auth -b dc=my-domain,dc=de -h \
server.my-domain.de -p 636 -g distinguishedName -d CN=lookup,OU=Services,\
OU=Users,DC=my-domain,DC=de -w lookup -u cn -m member -o group -S -l \
/var/log/squid/ldaplog
acl ldap_backoffice ldap_auth static ‘CN=BackOffice,OU=Groups,dc=my-domain,dc=de’
acl ldap_management ldap_auth static ‘CN=Management,OU=Groups,dc=my-domain,dc=de’
acl ldap_it-service ldap_auth static ‘CN=IT-Service,OU=Groups,dc=my-domain,dc=de’
acl ldap_development ldap_auth static ‘CN=DEVELOPMENT,OU=Groups,dc=my-domain,dc=de’
http_access allow ldap_development
http_access allow ldap_backoffice
http_access allow ldap_management
http_access allow ldap_it-service
http_access deny all
Conclusion
The squid LDAP authenticate helper is included with Squid. Squid can connect to an LDAP directory using this helper for validating the user name and password for Basic HTTP authentication. To Know More about Squid LDAP You can Checkout our Website.
FAQ
How can I tell if my Squid proxy is up and running?
Setup the client to use the Squid Proxy To see if your proxy server is working, go to Edit –> Preferences –> Advanced –> Network –> Settings and select “Manual proxy setup” and enter your proxy server IP address and port to be used for all connections as shown below.
What is the best way to administer my Squid proxy server?
On Ubuntu, install Squid Proxy.
Step 1: Refresh the Software Repositories .
Step 2: On Ubuntu, install the Squid package.
Step 3: Squid Proxy Server Configuration Set up Squid Client. Add ACL for Squid. Proxy Authentication must be configured. Create a new user with a new password. Squid Proxy allows you to block websites.
Step 4: Working with the Squid Service Commands