ext_kerberos_ldap_group_acl

0

1

добрый день, пытаюсь настроить авторизацию на сквид, но столкнулся со след. проблемой:

ext_kerberos_ldap_group_acl -i -a -g internet -D MYDOMAIN.BY aduser kerberos_ldap_group.cc(378): pid=413 :2018/05/23 10:44:56| kerberos_ldap_group: INFO: Got User: aduser set default domain: MYDOMAIN.BY kerberos_ldap_group.cc(383): pid=413 :2018/05/23 10:44:56| kerberos_ldap_group: INFO: Got User: aduser Domain: MYDOMAIN.BY support_ldap.cc(1061): pid=413 :2018/05/23 10:44:56| kerberos_ldap_group: ERROR: Error determining ldap server type: Operations error support_member.cc(134): pid=413 :2018/05/23 10:44:56| kerberos_ldap_group: INFO: User aduser is not member of group@domain internet@NULL ERR

запуск в дебаге

/usr/sbin/ext_kerberos_ldap_group_acl -d -a -g internet -D MYDOMAIN.BY kerberos_ldap_group.cc(283): pid=399 :2018/05/23 10:43:28| kerberos_ldap_group: INFO: Starting version 1.3.1sq support_group.cc(382): pid=399 :2018/05/23 10:43:28| kerberos_ldap_group: INFO: Group list internet support_group.cc(447): pid=399 :2018/05/23 10:43:28| kerberos_ldap_group: INFO: Group internet Domain NULL support_netbios.cc(83): pid=399 :2018/05/23 10:43:28| kerberos_ldap_group: DEBUG: Netbios list NULL support_netbios.cc(87): pid=399 :2018/05/23 10:43:28| kerberos_ldap_group: DEBUG: No netbios names defined. support_lserver.cc(82): pid=399 :2018/05/23 10:43:28| kerberos_ldap_group: DEBUG: ldap server list NULL support_lserver.cc(86): pid=399 :2018/05/23 10:43:28| kerberos_ldap_group: DEBUG: No ldap servers defined. aduser kerberos_ldap_group.cc(376): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: INFO: Got User: aduser set default domain: MYDOMAIN.BY kerberos_ldap_group.cc(381): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: INFO: Got User: aduser Domain: MYDOMAIN.BY support_member.cc(63): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: User domain loop: group@domain internet@NULL support_member.cc(91): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Default domain loop: group@domain internet@NULL support_member.cc(119): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Default group loop: group@domain internet@NULL support_member.cc(121): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Found group@domain internet@NULL support_ldap.cc(898): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Setup Kerberos credential cache support_krb5.cc(127): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Set credential cache to MEMORY:squid_ldap_399 support_krb5.cc(138): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Get default keytab file name support_krb5.cc(144): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Got default keytab file name /etc/krb5.keytab support_krb5.cc(158): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Get principal name from keytab /etc/krb5.keytab support_krb5.cc(169): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Keytab entry has realm name: MYDOMAIN.BY support_krb5.cc(189): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Found principal name: HTTP/squid-1.mydomain.com@MYDOMAIN.BY support_krb5.cc(205): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Got principal name HTTP/squid-1.mydomain.com@MYDOMAIN.BY support_krb5.cc(269): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Stored credentials support_ldap.cc(927): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Initialise ldap connection support_ldap.cc(933): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Canonicalise ldap server name for domain MYDOMAIN.BY support_resolv.cc(379): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Resolved SRV _ldap._tcp.MYDOMAIN.BY record to adc1.mydomain.com support_resolv.cc(379): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Resolved SRV _ldap._tcp.MYDOMAIN.BY record to adc4.mydomain.com support_resolv.cc(379): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Resolved SRV _ldap._tcp.MYDOMAIN.BY record to adc3.mydomain.com support_resolv.cc(379): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Resolved SRV _ldap._tcp.MYDOMAIN.BY record to adc2.mydomain.com support_resolv.cc(207): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Resolved address 1 of MYDOMAIN.BY to adc1.mydomain.com support_resolv.cc(207): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Resolved address 2 of MYDOMAIN.BY to adc1.mydomain.com support_resolv.cc(207): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Resolved address 3 of MYDOMAIN.BY to adc1.mydomain.com support_resolv.cc(207): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Resolved address 4 of MYDOMAIN.BY to adc4.mydomain.com support_resolv.cc(207): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Resolved address 5 of MYDOMAIN.BY to adc4.mydomain.com support_resolv.cc(207): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Resolved address 6 of MYDOMAIN.BY to adc4.mydomain.com support_resolv.cc(207): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Resolved address 7 of MYDOMAIN.BY to adc2.mydomain.com support_resolv.cc(207): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Resolved address 8 of MYDOMAIN.BY to adc2.mydomain.com support_resolv.cc(207): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Resolved address 9 of MYDOMAIN.BY to adc2.mydomain.com support_resolv.cc(207): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Resolved address 10 of MYDOMAIN.BY to adc3.mydomain.com support_resolv.cc(207): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Resolved address 11 of MYDOMAIN.BY to adc3.mydomain.com support_resolv.cc(207): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Resolved address 12 of MYDOMAIN.BY to adc3.mydomain.com support_resolv.cc(407): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Adding MYDOMAIN.BY to list support_resolv.cc(443): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Sorted ldap server names for domain MYDOMAIN.BY: support_resolv.cc(445): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Host: adc4.mydomain.com Port: 389 Priority: 0 Weight: 100 support_resolv.cc(445): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Host: adc3.mydomain.com Port: 389 Priority: 0 Weight: 100 support_resolv.cc(445): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Host: adc2.mydomain.com Port: 389 Priority: 0 Weight: 100 support_resolv.cc(445): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Host: adc1.mydomain.com Port: 389 Priority: 0 Weight: 100 support_resolv.cc(445): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Host: MYDOMAIN.BY Port: -1 Priority: -2 Weight: -2 support_ldap.cc(942): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Setting up connection to ldap server adc4.mydomain.com:389 support_ldap.cc(953): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Bind to ldap server with SASL/GSSAPI support_ldap.cc(967): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Successfully initialised connection to ldap server adc4.mydomain.com:389 support_ldap.cc(333): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Search ldap server with bind path «» and filter: (objectclass=*) support_ldap.cc(602): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Search ldap entries for attribute : schemaNamingContext support_ldap.cc(645): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: 1 ldap entry found with attribute : schemaNamingContext support_ldap.cc(342): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Search ldap server with bind path CN=Schema,CN=Configuration,DC=mydomain,DC=com and filter: (ldapdisplayname=samaccountname) support_ldap.cc(345): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Found 0 ldap entries support_ldap.cc(350): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: Determined ldap server not as an Active Directory server support_ldap.cc(1061): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: ERROR: Error determining ldap server type: Operations error support_member.cc(132): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: INFO: User aduser is not member of group@domain internet@NULL ERR kerberos_ldap_group.cc(416): pid=399 :2018/05/23 10:43:34| kerberos_ldap_group: DEBUG: ERR

может кто сталкивался ?

Ссылка

с тем, что тут постят код без тегов? Да постоянно сталкиваемся.

www.linux.org.ru/help/lorcode.md

constin ★★★★
(23.05.18 15:34:33 MSK)
Последнее исправление: constin 23.05.18 15:34:42 MSK (всего исправлений: 1)

Ответ на: комментарий от constin 23.05.18 15:34:33 MSK

Вы про теги \[cut\]\[/cut\] не сработали почему то

senigor
(23.05.18 16:05:50 MSK) автор топика

Ответ на: комментарий от senigor 23.05.18 16:05:50 MSK

нет, я про теги [ code ]

constin ★★★★
(23.05.18 16:54:41 MSK)
Последнее исправление: constin 23.05.18 16:55:04 MSK (всего исправлений: 1)

Похожие темы