OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: siegfried on February 25, 2020, 10:28:48 am

Title: Solved: Squid LDAP authentication broken after upgrade 19.7 -> 20.1.1
Post by: siegfried on February 25, 2020, 10:28:48 am

Hi, since I upgraded to 20.1.1 last week, squid auth against the AD using LDAP no longer works, but the Kerberos authentication works fine. Log messages says that the users are authenticated for squid service by LDAP:

user ....authenticated successfully for squid  [using OPNSense\Auth\Services\Squid\ + OPNSense\Auth\LDAP]

I tried to test with opnsense-login -s squid -u username and the result is OK. But the Browser still asks with a popup for auth data. It seems like that is similat behaviour like here:

https://forum.opnsense.org/index.php?topic=12813.msg59349#msg59349

Any hints? Thanks in advance!

Edit: I added a additional conf file in ./auth with basic_auth_ldap and the users are authenticated against AD and able to surf. It's my workaround. Also if i'm trying to authenticate at the console with valid credentials using /usr/local/libexex/squid/basic_pam-auth -o also returns "OK" as result.

Title: Re: Solved: Squid LDAP authentication broken after upgrade 19.7 -> 20.1.1
Post by: siegfried on March 10, 2020, 10:24:07 am

Problem solved, I updated to 20.1.2 and squid LDAP auth is working normal. Thanks for all who keeps OPNsense up to date!  :)