Re: [squid-users] Configuring wb_group from Scott Kern on 2002-11-20 (squid-users)

From: Scott Kern <skern@dont-contact.us>
Date: Wed, 20 Nov 2002 11:22:58 -0500

Thank you very much for the help.

I added the following and squid starts without any errors. One problem down, many more to go. :)

Now authenticating from the browser fails. I'm using Netscape 4.79 on a system running Red Hat 7.3. I'm entering my Windows user name and password or do I need to add the domain or group?

The access.log entry is:
1037809148.392 3 172.19.10.20 TCP_DENIED/407 1750 GET http://www.rootprompt.org/ - NONE/- text/html

Which looks like the user name isn't being passed on.

>>> Edward Mann <edward@arctechnology.com> 11/19/02 04:01PM >>>

auth_param ntlm program /usr/lib/squid/wb_ntlmauth
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

auth_param basic program /usr/lib/squid/wb_auth
auth_param basic children 5
auth_param basic realm ChoicePoint Proxy server
auth_param basic credentialsttl 2 hours

external_acl_type NT_global_group %LOGIN /usr/lib/squid/wb_group

acl FullAccess external NT_global_group Domain_Group

http_access allow FullAccess

Do you have something like that?

On Tue, 2002-11-19 at 14:54, Scott Kern wrote:
> I'm trying to setup squid to use wb_group.
>
> Testing wb_group, I type domain+username group and get ERR.
> Both wbinfo -u & -g report back users and groups.
>
> In squid.conf, I have
>
> external_acl_type NT_global_group %LOGIN /usr/local/squid/libexec/wb_group
> acl ProxyUsers external NT_global_group <group>
> acl internetusers proxy_auth REQUIRED
> http_access allow internetusers ProxyUsers
>
> When I start squid, I get:
> 2002/11/19 15:46:56| aclParseAclLine: IGNORING: Proxy Auth ACL 'acl internetusers proxy_auth REQUIRED' because no authentication schemes are fully configured.
> 2002/11/19 15:46:56| aclParseAclLine: IGNORING invalid ACL: acl internetusers proxy_auth REQUIRED
> 2002/11/19 15:46:56| squid.conf line 1718: http_access allow internetusers ProxyUsers
> 2002/11/19 15:46:56| aclParseAccessLine: ACL name 'internetusers' not found.
> FATAL: Bungled squid.conf line 1746: acl ProxyUsers external NT_global_group CTX-InternetDL
> Squid Cache (Version 2.5.STABLE1): Terminated abnormally.
> CPU Usage: 0.006 seconds = 0.004 user + 0.002 sys
> Maximum Resident Size: 0 KB
> Page faults with physical i/o: 207
> Aborted
>
> Where am I going wrong.
Received on Thu Nov 21 2002 - 10:24:02 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:29 MST