Ldap search filter multiple groups - squid

Matthew · Oct 23, 2013 · Viewed 27k times

I am testing Squid + AD using Windows Server 2008. I have the following simple structure for now:

+ Test_Users
-----internet_group
--------Matthew Vassallo (user)
-----normal_group
--------Kenneth Grech (user)

I would like to make an LDAP query that contains a single common OU but with different groups. The following query worked out well for only one group and one OU:

(&(memberOf=OU=Test_Users,CN=internet_group,DC=matthew,DC=com)(sAMAccountName=%s))

How can I extend that please for more different groups? Thanks

Answer

Diego Woitasen · Oct 25, 2013

Use:

(&(memberOf=CN=%s,OU=Test_Users,DC=matthew,DC=com)(sAMAccountName=%s))

Then:

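# The helper receives the login plus the group name given on each acl line
external_acl_type ldap_group %LOGIN /path/to/squid_ldap_group ...
acl group1 external ldap_group internet_group
acl group2 external ldap_group normal_group
# http_access must reference the ACL names defined above
http_access allow group1
http_access allow group2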

Another option is to build a complex filter:

(&(|(memberOf=CN=normal_group,OU=Test_Users,DC=matthew,DC=com)(memberOf=CN=internet_group,OU=Test_Users,DC=matthew,DC=com))(sAMAccountName=%s))

Choose the best option for you :)
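The following is an added example, not part of the answer above: it builds the OR-of-groups filter for any list of groups and goes beyond the answer by escaping the substituted values (RFC 4515 for filter values, RFC 4514 for the group name inside the DN), so a login or group name containing filter metacharacters cannot change the filter's structure. The function names are hypothetical; the container DN is the one used on this page.

```python
# Added example: names are illustrative, not from Squid or its LDAP helper.

# RFC 4515: characters that must be hex-escaped inside a filter assertion value.
_FILTER_SPECIALS = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape a string for use as the value part of an LDAP filter term."""
    return "".join(_FILTER_SPECIALS.get(ch, ch) for ch in value)


def escape_dn_value(value):
    """Escape a string for use as an attribute value inside a DN (RFC 4514)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in '"+,;<>\\' or (i == 0 and ch in " #") or (i == last and ch == " "):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def build_filter(login, groups, container="OU=Test_Users,DC=matthew,DC=com"):
    """Return (&(|(memberOf=...)...)(sAMAccountName=login)) for the given groups."""
    if not groups:
        raise ValueError("at least one group is required")
    clauses = []
    for group in groups:
        # The group name is DN-escaped first; the whole DN is then filter-escaped,
        # because the DN is itself a value inside the filter.
        dn = "CN=%s,%s" % (escape_dn_value(group), container)
        clauses.append("(memberOf=%s)" % escape_filter_value(dn))
    return "(&(|%s)(sAMAccountName=%s))" % ("".join(clauses), escape_filter_value(login))


if __name__ == "__main__":
    # Constructed sample inputs.
    print(build_filter("matthew", ["normal_group", "internet_group"]))
    print(build_filter("*)(objectClass=*", ["internet_group"]))
```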