RE: RE: [squid-users] Squid & ntlm & Samba 3

I think I found your problem. In the squid.conf file try this:

auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp

I think you were missing the dash between helper and protocol, and the same
for basic auth.

Jim

-----Original Message-----
From: zottmann@ig.com.br [mailto:zottmann@ig.com.br]
Sent: Wednesday, December 17, 2003 12:33 PM
To: jcrippen@eliteint.com; 'Squid-Users (E-mail)'
Subject: Re: RE: [squid-users] Squid & ntlm & Samba 3

Hi !!

Our cache.log has the following entries:

2003/12/17 16:29:51| helperStatefulOpenServers: Starting 5 'ntlm_auth'
processes
2003/12/17 16:29:52| helperOpenServers: Starting 5 'ntlm_auth' processes
username must be specified!

Usage: [OPTION...]
  --helper-protocol=helper protocol to use operate as a stdio-based
helper
  --username=STRING username
  --domain=STRING domain name
  --workstation=STRING workstation

Seems like nltm_auth is complaining to squid about the lack of a username,
in startup time !!

Any ideas??

Regards,
Carlos.

Em 17 Dec 2003, Jim Crippen escreveu:

>Here's a clip from my cache.log where you can see the ntlm_auth helper
doing
>its thing:
>
>2003/12/17 11:20:01| The request GET http://opensource.franz.com/ntservice/

>is DENIED, because it matched 'allowed'
>2003/12/17 11:20:01| The request GET http://opensource.franz.com/ntservice/

>is DENIED, because it matched 'allowed'
>2003/12/17 11:20:01| clientReadRequest: FD 36: no data to process ((11)
>Resource temporarily unavailable)
>[2003/12/17 11:20:01, 10] lib/util.c:dump_data(1825)
> [000] 4E 54 4C 4D 53 53 50 00 03 00 00 00 18 00 18 00 NTLMSSP. ........
> [010] 51 00 00 00 18 00 18 00 69 00 00 00 08 00 08 00 Q....... i.......
> [020] 40 00 00 00 04 00 04 00 48 00 00 00 05 00 05 00 @....... H.......
> [030] 4C 00 00 00 00 00 00 00 81 00 00 00 06 02 00 20 L....... .......
> [040] 45 4C 49 54 45 48 4F 55 4A 49 4D 43 52 4F 57 41 ELITEHOU JIMCROWA
> [050] 4E 9E 2B 96 8A ED E2 74 43 93 7A E7 3A 2A E0 CB N.+..íât C.zç:*àË
> [060] B6 C2 E5 45 A6 2C 75 FF 75 1E 21 47 A0 EE E3 4F ¶ÂåE¦,uÿ u.!G îãO
> [070] 04 35 BC CA 03 B7 63 79 3A CA 02 39 83 F3 C6 CF .5¼Ê.·cy :Ê.9.óÆÏ
> [080] 35 5
>[2003/12/17 11:20:01, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(285)
> Got user=[JIMC] domain=[ELITEHOU] workstation=[ROWAN] len1=24 len2=24
>2003/12/17 11:20:01| authenticateAuthUserRequestSetIp: user 'ELITEHOU\JIMC'

>has been seen at a new IP address (192.168.12.50)
> 2003/12/17 11:20:01| The request GET
http://opensource.franz.com/ntservice/
>is ALLOWED, because it matched 'allowed'
>2003/12/17 11:20:01| The reply for GET
>http://opensource.franz.com/ntservice/ is ALLOWED, because it matched 'all'

>2003/12/17 11:20:01| storeCreate: Selected dir '0' for obj size '2438'
>
>Try increasing your debugging in your squid.conf file --> debug_options
>ALL,2 (up to 9 depending on the level you want). Also, I'd take a look at
>the winbindd.log file from samba. That's where I found my problems with
>this getting it set up.
>
>Jim
>
>-----Original Message-----
>From: Henrik Nordstrom [mailto:hno@squid-cache.org]
>Sent: Wednesday, December 17, 2003 10:51 AM
>To: zottmann@ig.com.br
>Cc: hno@squid-cache.org; squid-users@squid-cache.org
>Subject: Re: [squid-users] Squid & ntlm & Samba 3
>
>On Wed, 17 Dec 2003 zottmann@ig.com.br wrote:
>
>> Also, I didn´t see ntlm_auth in the process list (ps auxf)
>
>Then there is a problem in the helper specification.
>
>Anything relevant in cache.log before this? (from the message where Squid
>says it is starting the helpers and down to the last error messag)
>
>Anything in the Samba logs?
>
>REgards
>Henrik
>
>----------

_________________________________________________________
Voce quer um iGMail protegido contra vírus e spams?
Clique aqui: http://www.igmailseguro.ig.com.br
Ofertas imperdíveis! Link: http://www.americanas.com.br/ig/
Received on Wed Dec 17 2003 - 11:50:00 MST