Edit File: ss5.conf
# Enable basic authentication for all sources ips # # SHost SPort Authentication auth 0.0.0.0/0 - u # Enable PAM authentication set SS5_PAM_AUTH set SS5_STIMEOUT 3600 # Enable cache for authentication set SS5_AUTHCACHEAGE 3600 #Enable verbose output into ss5.log file set SS5_VERBOSE # Enable ldap profiling set SS5_LDAP_FILTER # Dump SQL traffic into file dump 172.30.1.1/32 1433 1 # Send connection destinated to 172.30.10 network through a socks upstream server # # DHost/Net DPort DProxyip DProxyPort proxy 172.30.10.0/24 - 10.2.2.240 1080 - # Enable authenticated users belong windows group CN=Users,DC=main,DC=it to use ssh and sql through 172.30 network # #Auth SHost SPort DHost DPort Fixup Group Band permit u 0.0.0.0/0 - 172.30.0.0/16 22 - CN=LOGON-GRP01,CN=Users,DC=main,DC=it - - permit u 0.0.0.0/0 - 172.30.0.0/16 1433 - CN=LOGON-GRP02,CN=Users,DC=main,DC=it - - # Configure ldap container (in this case windows DController) ldap_profile_ip 10.2.2.1 ldap_profile_port 389 ldap_profile_base DC=main,DC=it ldap_profile_filter cn ldap_profile_attribute MemberOf ldap_profile_dn CN=USER01,OU=ORG01,DC=main,DC=it ldap_profile_pass passwd