[squid-users] squid authentication - need help.

From: <efenner@dont-contact.us>
Date: Tue, 4 Nov 2003 09:19:26 -0300

Hi! I'm trying to authenticate Windows users (2K domain with NT compatibility) in squid. Something is wrong, but i don't see. I have read FAQ, HOWTO, Tutorials, and lots of Google searches. Scenario: parent proxy (pass all) || || \/ my proxy <=========================== Windows server to authenticate users (block sites with squidGuard) (same net as my proxy) Parent is working SquidGuard is working. I've made a test with smb_auth and it worked. Says OK. ---- test begin ----- # /usr/local/bin/smb_auth -W MYDOMAIN -d myusername mypassword Domain name: MYDOMAIN Pass-through authentication: no Query address options: Domain controller IP address: 10.151.1.1 Domain controller NETBIOS name: SFCTRS1 Contents of //SFCTRS1/NETLOGON/proxyauth: allow OK ---- test end ----- Linux distribuition: Conectiva Squid version: squid-2.5.1-2cl Samba: samba-common-2.2.8-1U70_2cl samba-clients-2.2.8-1U70_2cl samba-2.2.8-1U70_2cl When I try to start squid with authentication this is returned: === output begin === Iniciando squid 2003/11/03 18:19:14| parseConfigFile: line 35 unrecognized: 'authenticate_program /usr/local/bin/smb_auth -W MSRS' 2003/11/03 18:19:14| aclParseAclLine: IGNORING: Proxy Auth ACL 'acl domainusers proxy_auth REQUIRED' because no authentication schemes are fully configured. 2003/11/03 18:19:14| aclParseAclLine: IGNORING invalid ACL: acl domainusers proxy_auth REQUIRED 2003/11/03 18:19:14| squid.conf line 37: http_access allow domainusers 2003/11/03 18:19:14| aclParseAccessLine: ACL name 'domainusers' not found. 2003/11/03 18:19:14| squid.conf line 37: http_access allow domainusers 2003/11/03 18:19:14| aclParseAccessLine: Access line contains no ACL's, skipping === output end === Here some lines of squid.conf --- begin --- # SquidGuard redirect_program /usr/local/bin/squidGuard -c /etc/squidGuard/squidGuard.conf redirect_children 4 # authentication authenticate_program /usr/local/bin/smb_auth -W MYDOMAIN acl domainusers proxy_auth REQUIRED http_access allow domainusers auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hour # parent proxy cache_peer parentproxy.domain parent 80 3130 no-query default acl all src 0.0.0.0/0.0.0.0 never_direct allow all --- end --- And minimum acl configuration enabled. Thanks fou your help. Elton S. Fenner efenner@terra.com.br --------------------------------------------------- / ___ ~ Chimarrão Virtual \==/ _\_/_ /|~ ---------------------- (o< / \ / |/ O chimarrão é uma tra- //\ \ / | | dição, que todos deve- V_/_ \/ |_____| mos cultivar em nossas raízes. ___________________________________________________ Seja livre não use software pirata use LINUX. ---------------------------------------------------
Received on Tue Nov 04 2003 - 05:19:29 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:21:05 MST