Welcome to Linux Knowledge Base and Tutorial
"The place where you learn linux"

 Create an AccountHome | Submit News | Your Account  

Tutorial Menu
Linux Tutorial Home
Table of Contents

· Introduction to Operating Systems
· Linux Basics
· Working with the System
· Shells and Utilities
· Editing Files
· Basic Administration
· The Operating System
· The X Windowing System
· The Computer Itself
· Networking
· System Monitoring
· Solving Problems
· Security
· Installing and Upgrading
· Linux and Windows

Man Pages
Linux Topics
Test Your Knowledge

Site Menu
Site Map
Copyright Info
Terms of Use
Privacy Info
Masthead / Impressum
Your Account

Private Messages

News Archive
Submit News
User Articles
Web Links


The Web

Who's Online
There are currently, 85 guest(s) and 0 member(s) that are online.

You are an Anonymous user. You can register for free by clicking here




       squid_ldap_group  -b  "base  DN"  -f  "LDAP search filter"
       [options] [ldap_server_name[:port]...]


       This helper allows Squid to connect to a LDAP directory to
       authorize users via LDAP groups.

       The  program  operates  by  searching with a search filter
       based on the users login name and requested group, and  if
       a match is found it is determined that the user belongs to
       the group.

       -b basedn (REQUIRED)
              Specifies the base DN under which  the  groups  are

       -B basedn
              Specifies  the  base  DN  under which the users are
              located (if different)

       -g     Specifies that the first query argument sent to the
              helper  by  Squid  is a extension to the basedn and
              will be temporarily added  infront  of  the  global
              basedn for this query.

       -f filter
              LDAP  search  filter used to search the LDAP direc­
              tory for any matching group memberships.    In  the
              filter  %u  will be replaced by the user login name
              (or DN if the -F or -u options are used) and %g  by
              the requested group name.

       -F filter
              LDAP  search  filter used to search the LDAP direc­
              tory for any matching users.    In  the  filter  %s
              will be replaced by the user login name. If % is to
              be included literally in the filter then use %%.

       -u attr
              LDAP attribute used to construct the user  DN  from
              the login name and base dn.

       -s base|one|sub
              search scope. Defaults to 'sub'.

              base  object  only, one level below the base object
              or subtree below the base object

       -D binddn -w password
              The DN and password to  bind  as  while  performing
              searches.  Required if the directory does not allow
              option causes the LDAP connection to be kept  open,
              allowing  it  to be reused for further user valida­
              tions. Recommended for larger installations.

       -R     do not follow referrals

       -a never|always|search|find
              when to dereference aliases. Defaults to 'never'

              never dereference aliases (default), always  deref­
              erence  aliases,  only  while  searching or only to
              find the base object

       -h ldapserver
              Specify the LDAP server to connect to

       -p ldapport
              Specify an alternate TCP port where the ldap server
              is  listening  if  other than the default LDAP port

       -S     Strip NT domain name component from usernames (/ or
              \ separated)


       This  helper is intended to be used as a external_acl_type
       helper from squid.conf.

       external_acl_type ldap_group %LOGIN /path/to/squid_ldap_group ...
       acl group1 ldap_group Group1
       acl group2 ldap_gorup Group2


       When constructing search filters  it  is  strongly  recom­
       mended  to  test  the  filter  using ldapsearch before you
       attempt to use squid_ldap_group. This to verify  that  the
       filter matches what you expect.


       This   manual   page   was  written  by  Henrik  Nordstrom

       squid_ldap_group   is   written    by    Flavio    Pescuma
       <flavio@marasystems.com>  and Henrik Nordstrom <hno@squid-
       cache.org>, based on prior work in squid_ldap_auth by Glen
       Newton <glen.newton@nrc.ca>


       Max 16 occurances of %s in the -u argument is supported.


       Any  questions on usage can be sent to Squid Users <squid-

Squid LDAP Match         7 September 2002     squid_ldap_group(8)

An undefined database error occurred. SELECT distinct pages.pagepath,pages.pageid FROM pages, page2command WHERE pages.pageid = page2command.pageid AND commandid =

Show your Support for the Linux Tutorial

Purchase one of the products from our new online shop. For each product you purchase, the Linux Tutorial gets a portion of the proceeds to help keep us going.



Security Code
Security Code
Type Security Code

Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Help if you can!

Amazon Wish List

Did You Know?
The Linux Tutorial welcomes your suggestions and ideas.


Tell a Friend About Us

Bookmark and Share

Web site powered by PHP-Nuke

Is this information useful? At the very least you can help by spreading the word to your favorite newsgroups, mailing lists and forums.
All logos and trademarks in this site are property of their respective owner. The comments are property of their posters. Articles are the property of their respective owners. Unless otherwise stated in the body of the article, article content (C) 1994-2013 by James Mohr. All rights reserved. The stylized page/paper, as well as the terms "The Linux Tutorial", "The Linux Server Tutorial", "The Linux Knowledge Base and Tutorial" and "The place where you learn Linux" are service marks of James Mohr. All rights reserved.
The Linux Knowledge Base and Tutorial may contain links to sites on the Internet, which are owned and operated by third parties. The Linux Tutorial is not responsible for the content of any such third-party site. By viewing/utilizing this web site, you have agreed to our disclaimer, terms of use and privacy policy. Use of automated download software ("harvesters") such as wget, httrack, etc. causes the site to quickly exceed its bandwidth limitation and are therefore expressly prohibited. For more details on this, take a look here

PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.08 Seconds