RE: [squid-users] auth. user against AD group

I think your winbind question is more a question to the Samba people
than Squid.

If using winbind fails you always have LDAP.. (works with all modes of
AD, but cannot provide NTLM)

Regards
Henrik

tis 2003-02-18 klockan 09.50 skrev KaiserM@Gendorf.de:
> Hello,
>
> I'm using Squid-2.5.STABLE1 and samba-2.2.5 (also tried samba-2.2.4)
> i also tried samba-2.2.7a and squid-2.5.STABLE1-20030218
>
> but always the same. I see the trusted Domain`s groups. And the AD is "DISCONNECTED"
>
> ...sorry but could there be something at the Win2000 AD Box?
> But what? I do not administrate these boxes.
>
>
>
> > -----Original Message-----
> > From: Henrik Nordstrom [mailto:hno@squid-cache.org]
> > Sent: Tuesday, February 18, 2003 9:33 AM
> > To: KaiserM@Gendorf.de; squid-users@squid-cache.org
> > Subject: Re: [squid-users] auth. user against AD group
> >
> >
> > Which Samba version are you using? And which Squid version?
> >
> > Regards
> > Henrik
> >
> >
> > On Tuesday 18 February 2003 08.59, KaiserM@Gendorf.de wrote:
> > > Hallo,
> > >
> > > changing the config do not solve the problem.
> > > I think there is something wrong whit the winbindd, is it possible?
> > >
> > > when i make a wbinfo "--sequence" i get a DISCONNECTED (only the
> > > Domain where my Linux box is in) Other Domains, e.g. A
> > trusted NT4, is
> > > visible.
> > >
> > > Authenticate a user to AD is possible.
> > >
> > > wbinfo -t gives me:
> > > secred is good
> > >
> > > Any idea.
> > >
> > > I know thats a bit OT, sorry
> > >
> > > Thanks
> > >
> > > > -----Original Message-----
> > > > From: Henrik Nordstrom [mailto:hno@squid-cache.org]
> > > > Sent: Saturday, February 08, 2003 1:51 AM
> > > > To: Guido Serassio
> > > > Cc: KaiserM@Gendorf.de; squid-users@squid-cache.org
> > > > Subject: Re: [squid-users] auth. user against AD group
> > > >
> > > > Guido Serassio wrote:
> > > > > Hi,
> > > > >
> > > > > Il 10.04 07/02/2003 KaiserM@Gendorf.de ha scritto:
> > > > > >Hello List,
> > > > > >
> > > > > >my problem ist to get user authenticated against a AD.
> > > > > >
> > > > > >
> > > > > > external_acl_type NT_global_group
> > > > > > %LOGIN /usr/lib/squid/wb_group
> > > > > > acl ieuser external
> > > >
> > > > NT_global_group Datkom
> > > >
> > > > > > acl proxy_auth REQUIRED
> > > > > > http access allow ieuser
> > > > >
> > > > > Wrong squid.conf settings:
> > > > >
> > > > > Try using;
> > > > >
> > > > > acl password proxy_auth REQUIRED
> > > > >
> > > > > http access allow password ieuser
> > > >
> > > > You do not actually need to use a proxy_auth acl if your
> > are using a
> > > > external_acl_type with %LOGIN, they both do the same
> > thing (trigger
> > > > authentication).
> > > >
> > > > Regards
> > > > Henrik
> >

-- 
Henrik Nordstrom <hno@squid-cache.org>
MARA Systems AB, Sweden