On Mon, 2006-07-31 at 19:22 +0200, Guido Serassio wrote:
> Hi Andrew,
>
> At 00.25 31/07/2006, Andrew Bartlett wrote:
>
> >On Sun, 2006-07-30 at 21:03 +0200, Guido Serassio wrote:
> > > Hi Andrew,
> > >
> > > I have a question for the Samba team.
> > >
> > > The current STABLE Squid version (2.6) supports the Negotiate
> > > authentication schema, but for now it can be used only when running
> > > on native Windows, because Samba 3 ntlm_auth doesn't provide such support.
> > >
> > > There is any expectation about adding this support to Samba 3, or we
> > > need to long wait for Samba 4 ?
> > >
> > > They are already many requests about from Squid users.
> >
> >Actually, the Samba3 code may well work, if it can read the keytab or
> >secrets.tdb.
>
> It fails with this log:
> Samba was Debian package 3.0.23 from samba.org.
>
> The machine is ADS member of a 2003 AD domain, and with ntlm it works fine.
> secrets.tdb is rw for squid group (whitout this I can see errors
> about the file access).
>
> Let me to know if need more info.
It is frustrating, as it *should* work, but something in the kerberos
library is objecting (returning an ASN1 error).
Perhaps we need to get the Samba4 code in this area backported, but that
in no small task either...
Andrew Bartlett
-- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. http://redhat.com
This archive was generated by hypermail pre-2.1.9 : Fri Sep 01 2006 - 12:00:03 MDT