RE: [squid-users] SQUID NTLM

This is a discussion on RE: [squid-users] SQUID NTLM within the Squid Users forums, part of the Web Server and Related Forums category; Thanks for the reply Henrik The following works [root@mail squid]# wbinfo -a domain+username%password plaintext password authentication succeeded ...


Go Back   Usenet Forums > Web Server and Related Forums > Squid Users

Reload this Page RE: [squid-users] SQUID NTLM

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 07-17-2003
Tony Grace
 
Posts: n/a
Default RE: [squid-users] SQUID NTLM
Thanks for the reply Henrik
The following works

[root@mail squid]# wbinfo -a domain+username%password
plaintext password authentication succeeded
challenge/response password authentication succeeded
[root@mail squid]#

-----Original Message-----
From: Tony Grace [mailto:tony@opensystems.net.au]
Sent: Wednesday, 16 July 2003 10:01 PM
To: squid-users@squid-cache.org
Subject: [squid-users] SQUID NTLM


Thanks for the support with my attempt to get squid+winbind+samba+ADS
working RedHat 9.0 + squid 2.5.3 + samba 2.2.8a

I now have samba components working with ADS

wbinfo -a domain+username%password works
wbinfo -t works

wb_auth -d
Domain+username password gets an ok


Squid logs
1058324873.302 1 xxx.xxx.xxx.xxx TCP_DENIED/407 1732 GET
http://www.google.com.au/ - NONE/- text/html
1058324873.321 9 xxx.xxx.xxx.xxx TCP_DENIED/407 1728 GET
http://www.google.com.au/ - NONE/- text/html
1058324877.106 1 xxx.xxx.xxx.xxx TCP_DENIED/407 1732 GET
http://www.google.com.au/ - NONE/- text/html
1058324877.109 0 xxx.xxx.xxx.xxx TCP_DENIED/407 1728 GET
http://www.google.com.au/ - NONE/- text/html

Is there anyway to increase the information logged specifically about the
ntlm auth?

Squid.conf

auth_param ntlm program /usr/local/squid/libexec/wb_ntlmauth
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param basic program /usr/local/squid/libexec/wb_auth
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

acl AuthorizedUsers proxy_auth required

http_access allow all AuthorizedUsers
http_access deny all


Getent does not inculde domain information only Linux info is this a
problem?

Smb.conf

[global]
workgroup = XXXXX
netbios name = MAIL
server string = Samba Server
security = DOMAIN
encrypt passwords = Yes
update encrypted = Yes
obey pam restrictions = Yes
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*success fully*
unix password sync = Yes
log file = /var/log/samba/%m.log
max log size = 0
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = No
password server = *
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
name resolve order = hosts lmhosts wins bcast
printing = cups
wins server = xxx.xxx.xxx.xxx

Regards
Tony



Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 02:00 AM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0