RE: [squid-users] Popup login and password box with Winbind authe nticators

I wish I could say that was the problem. I was hoping that I made a typo at
configure, but to no avail. Here is the ./configure of the recompile output
if it helps.

creating cache ./config.cache
checking for a BSD compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for mawk... mawk
checking whether make sets ${MAKE}... yes
checking whether to enable maintainer-specific portions of Makefiles... no
checking for gcc... gcc
checking whether the C compiler (gcc -g) works... yes
checking whether the C compiler (gcc -g) is a cross-compiler... no
checking whether we are using GNU C... yes
checking whether gcc accepts -g... yes
checking for style of include used by make... GNU
checking dependency style of gcc... gcc
checking whether gcc and cc understand -c and -o together... yes
checking host system type... i686-pc-linux-gnu
checking for Cygwin environment... no
checking for mingw32 environment... no
checking for executable suffix... no
checking for object suffix... o
Store modules built: ufs
Removal policies built: lru
Auth scheme modules built: ntlm basic
Basic auth helpers built: winbind
NTLM auth helpers built: winbind
unlinkd enabled
checking how to run the C preprocessor... gcc -E
checking for a BSD compatible install... /usr/bin/install -c
checking for ranlib... ranlib
checking whether ln -s works... yes
checking for sh... /bin/sh
checking for false... /bin/false
checking for true... /bin/true
checking for rm... /bin/rm
checking for mv... /bin/mv
checking for mkdir... /bin/mkdir
checking for ln... /bin/ln
checking for perl... /usr/bin/perl
checking for ar... /usr/bin/ar
checking for dirent.h that defines DIR... yes
checking for opendir in -ldir... no
checking for ANSI C header files... yes
checking for arpa/inet.h... yes
checking for arpa/nameser.h... yes
checking for assert.h... yes
checking for bstring.h... no
checking for crypt.h... yes
checking for ctype.h... yes
checking for errno.h... yes
checking for execinfo.h... yes
checking for fcntl.h... yes
checking for getopt.h... yes
checking for gnumalloc.h... no
checking for grp.h... yes
checking for ip_compat.h... no
checking for ip_fil_compat.h... no
checking for ip_fil.h... no
checking for ip_nat.h... no
checking for libc.h... no
checking for limits.h... yes
checking for linux/netfilter_ipv4.h... yes
checking for malloc.h... yes
checking for math.h... yes
checking for memory.h... yes
checking for mount.h... no
checking for net/if.h... yes
checking for net/pfvar.h... no
checking for netdb.h... yes
checking for netinet/if_ether.h... yes
checking for netinet/in.h... yes
checking for netinet/tcp.h... yes
checking for netinet/ip_compat.h... no
checking for netinet/ip_fil_compat.h... no
checking for netinet/ip_fil.h... no
checking for netinet/ip_nat.h... no
checking for openssl/err.h... no
checking for openssl/md5.h... no
checking for openssl/ssl.h... no
checking for poll.h... yes
checking for pwd.h... yes
checking for regex.h... yes
checking for resolv.h... yes
checking for sched.h... yes
checking for signal.h... yes
checking for stdarg.h... yes
checking for stddef.h... yes
checking for stdio.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for strings.h... yes
checking for sys/bitypes.h... yes
checking for sys/file.h... yes
checking for sys/ioctl.h... yes
checking for sys/mount.h... yes
checking for sys/msg.h... yes
checking for sys/param.h... yes
checking for sys/resource.h... yes
checking for sys/select.h... yes
checking for sys/socket.h... yes
checking for sys/stat.h... yes
checking for sys/statvfs.h... yes
checking for syscall.h... yes
checking for sys/syscall.h... yes
checking for sys/time.h... yes
checking for sys/types.h... yes
checking for sys/un.h... yes
checking for sys/vfs.h... yes
checking for sys/wait.h... yes
checking for syslog.h... yes
checking for time.h... yes
checking for unistd.h... yes
checking for utime.h... yes
checking for varargs.h... yes
checking for byteswap.h... yes
checking for glib.h... no
checking for stdint.h... yes
checking for inttypes.h... yes
checking for grp.h... (cached) yes
checking for nss_common.h... no
checking for nss.h... yes
checking for working const... yes
checking whether byte ordering is bigendian... no
checking if ANSI prototypes work... yes
checking for tm->tm_gmtoff... yes
checking for struct mallinfo... yes
checking for extended mallinfo... no
checking for struct rusage... yes
checking for ip->ip_hl... yes
checking size of void *... 4
checking size of short... 2
checking size of int... 4
checking size of long... 4
checking size of long long... 8
checking size of __int64... 0
checking size of int16_t... 2
checking size of uint16_t... 2
checking size of u_int16_t... 2
checking size of int32_t... 4
checking size of uint32_t... 4
checking size of u_int32_t... 4
checking size of int64_t... 8
checking size of uint64_t... 8
checking size of u_int64_t... 8
checking for int16_t... yes
checking for u_int16_t... yes
checking for int32_t... yes
checking for u_int32_t... yes
checking for int64_t... yes
checking for u_int64_t... yes
checking for pid_t... yes
checking for size_t... yes
checking for ssize_t... yes
checking for off_t... yes
checking for mode_t... yes
checking for fd_mask... yes
checking size of off_t... 4
checking size of size_t... 4
checking for working alloca.h... yes
checking for alloca... yes
checking for socklen_t... yes
checking for mtyp_t... no
checking for main in -lnsl... yes
checking for main in -lsocket... no
checking for unix domain sockets... yes
checking for main in -lgnumalloc... no
checking for main in -lmalloc... no
checking for main in -lbsd... no
checking for main in -lregex... no
checking for gethostbyname in -lbind... no
checking for inet_aton in -lresolv... yes
checking for inet_aton in -l44bsd... no
checking for main in -lresolv... yes
checking for main in -lm... yes
checking for crypt in -lcrypt... yes
checking for bcopy... yes
checking for backtrace_symbols_fd... yes
checking for crypt... no
checking for fchmod... yes
checking for getdtablesize... yes
checking for getpagesize... yes
checking for getpass... yes
checking for getrusage... yes
checking for getspnam... yes
checking for lrand48... yes
checking for mallinfo... yes
checking for mallocblksize... no
checking for mallopt... yes
checking for memcpy... yes
checking for memmove... yes
checking for memset... yes
checking for mkstemp... yes
checking for mktime... yes
checking for mstats... no
checking for poll... yes
checking for pthread_attr_setscope... yes
checking for pthread_setschedparam... yes
checking for pthread_attr_setschedparam... yes
checking for pthread_sigmask... no
checking for putenv... yes
checking for random... yes
checking for regcomp... yes
checking for regexec... yes
checking for regfree... yes
checking for res_init... no
checking for rint... yes
checking for seteuid... yes
checking for setgroups... yes
checking for setpgrp... yes
checking for setrlimit... yes
checking for getrlimit... yes
checking for setsid... yes
checking for sigaction... yes
checking for snprintf... yes
checking for srand48... yes
checking for srandom... yes
checking for statfs... yes
checking for sysconf... yes
checking for syslog... yes
checking for timegm... yes
checking for vsnprintf... yes
checking for bswap_16... no
checking for bswap_32... no
checking if setresuid is implemented... yes
checking if GNUregex needs to be compiled... no
checking for drand48... yes
checking for tempnam... yes
checking for strerror... yes
checking Default FD_SETSIZE value... 1024
checking Maximum number of filedescriptors we can open... 1024
checking Default UDP send buffer size... 65535
checking Default UDP receive buffer size... 65535
checking Default TCP send buffer size... 16384
checking Default TCP receive buffer size... 87380
checking if sys_errlist is already defined... no
checking for libresolv _dns_ttl_ hack... no
checking if inet_ntoa() actually works... yes
checking for working statvfs() interface... yes
checking for _res.nsaddr_list... yes
updating cache ./config.cache
creating ./config.status
creating Makefile
creating lib/Makefile
creating scripts/Makefile
creating scripts/RunCache
creating scripts/RunAccel
creating src/Makefile
creating src/fs/Makefile
creating src/repl/Makefile
creating src/auth/Makefile
creating src/auth/basic/Makefile
creating src/auth/digest/Makefile
creating src/auth/ntlm/Makefile
creating contrib/Makefile
creating snmplib/Makefile
creating icons/Makefile
creating errors/Makefile
creating src/fs/aufs/Makefile
creating src/fs/coss/Makefile
creating src/fs/diskd/Makefile
creating src/fs/null/Makefile
creating src/fs/ufs/Makefile
creating src/repl/heap/Makefile
creating src/repl/lru/Makefile
creating doc/Makefile
creating helpers/Makefile
creating helpers/basic_auth/Makefile
creating helpers/basic_auth/LDAP/Makefile
creating helpers/basic_auth/MSNT/Makefile
creating helpers/basic_auth/NCSA/Makefile
creating helpers/basic_auth/PAM/Makefile
creating helpers/basic_auth/SMB/Makefile
creating helpers/basic_auth/YP/Makefile
creating helpers/basic_auth/getpwnam/Makefile
creating helpers/basic_auth/multi-domain-NTLM/Makefile
creating helpers/basic_auth/SASL/Makefile
creating helpers/basic_auth/winbind/Makefile
creating helpers/digest_auth/Makefile
creating helpers/digest_auth/password/Makefile
creating helpers/ntlm_auth/Makefile
creating helpers/ntlm_auth/fakeauth/Makefile
creating helpers/ntlm_auth/no_check/Makefile
creating helpers/ntlm_auth/SMB/Makefile
creating helpers/ntlm_auth/SMB/smbval/Makefile
creating helpers/ntlm_auth/winbind/Makefile
creating helpers/external_acl/Makefile
creating helpers/external_acl/ip_user/Makefile
creating helpers/external_acl/ldap_group/Makefile
creating helpers/external_acl/unix_group/Makefile
creating helpers/external_acl/wbinfo_group/Makefile
creating helpers/external_acl/winbind_group/Makefile
creating include/autoconf.h
include/autoconf.h is unchanged

-----Original Message-----
From: Jerry Murdock [mailto:jmurdock@itraktech.com]
Sent: Monday, September 23, 2002 5:16 PM
To: Paul Norris; squid-users@squid-cache.org
Subject: Re: [squid-users] Popup login and password box with Winbind
authenticators

About as I expected.

Your winbind setup seems sound, and the basic wb_auth helper appears to be
functioning correctly.

What is significant is that IE is only displaying the basic auth dialog. To
my knowledge IE will not fall back to basic auth if ntlm has been offered -
which means either squid is not offering ntlm or IE isn't seeing it. IOW, I
doubt it is a helper problem or a winbind problem, but something going in
with squid before it gets that far.

Are you sure squid was configured with '--enable-auth="ntlm,basic"' ?

I'm not sure how much of the ntlm code is conditionally included, or if any
errors would be generated if you tried to load an ntlm helper without
enabling ntlm in configure.

Jerry

----- Original Message -----
From: "Paul Norris" <PaulNorris@CunninghamResearch.com>
To: "'Jerry Murdock'" <jmurdock@itraktech.com>;
<squid-users@squid-cache.org>
Sent: Monday, September 23, 2002 4:49 PM
Subject: RE: [squid-users] Popup login and password box with Winbind
authenticators

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Alright, I installed the webmin stuff and apache real quick. This is
> the output from ntlm stats. I have tried to authenticate from 3
> different win2k boxes and it just lists requests sent and replied as
> 0.
>
> NTLM Authenticator Statistics:
> number running: 10 of 10
> requests sent: 0
> replies received: 0
> queue length: 0
> avg service time: 0 msec
>
>
> # FD PID # Requests # Deferred Requests Flags Time Offset Request 1 12
> 228 0 0 A 2018299.960 0 (none) 2 13 229 0 0 A 2018299.960 0 (none)
> 3 14 230 0 0 A 2018299.960 0 (none)
> 4 15 231 0 0 A 2018299.960 0 (none)
> 5 16 232 0 0 A 2018299.960 0 (none)
> 6 17 233 0 0 A 2018299.960 0 (none)
> 7 18 234 0 0 A 2018299.960 0 (none)
> 8 19 235 0 0 A 2018299.960 0 (none)
> 9 20 236 0 0 A 2018299.960 0 (none)
> 10 21 237 0 0 A 2018299.960 0 (none)
>
> Flags key:
>
> A = ALIVE
> B = BUSY
> C = CLOSING
> R = RESERVED or DEFERRED
> S = SHUTDOWN
> P = PLACEHOLDER
>
Received on Mon Sep 23 2002 - 16:07:53 MDT