Adam Aube wrote:
> Norman Zhang wrote:
>>I copied wbinfo_group into /usr/lib/squid/ and restarted Squid, but
>>still no luck, now /var/log/syslog looks like follows.
>
>>Jun 11 15:32:09 proxy squid[8502]: Squid Parent: child process 8532
>>started Jun 11 15:32:12 proxy (squid): authenticateNTLMHandleReply: called
>>with no result string
>
>>Do you see anything wrong with my /etc/squid/squid.conf?
>
> Yes.
>
>>auth_param ntlm program /usr/bin/ntlm_auth
>>--helper-protocol=squid-2.5-basic
>
> The helper protocol needs to be "squid-2.5-ntlmssp".
>
> This is in the Winbind FAQ:
>
> http://www.squid-cache.org/Doc/FAQ/FAQ-23.html#ss23.5
Thank you so much.
[root@proxy squid]# wbinfo -a arkondomain\\nzhang%testing123
plaintext password authentication succeeded
challenge/response password authentication succeeded
but /var/log/squid/cache.log complains
[2004/06/11 18:03:23, 0] utils/ntlm_auth.c:winbind_pw_check(349)
Login for user [ARKONDOMAIN]\[NZHANG]@[2D-052] failed due to [winbind
client not authorized to use winbindd_pam_auth_crap. Ensure permissions
on /var/cache/samba/winbindd_privileged are set correctly.]
[2004/06/11 18:03:23, 0]
utils/ntlm_auth.c:manage_squid_ntlmssp_request(530) NTLMSSP BH:
NT_STATUS_ACCESS_DENIED
I'm not sure if I should set world readable to
/var/cache/samba/winbindd_privileged as I never had to do this with
Squid-2.5STABLE2 and Samba 2.2.8a. Is this the right way of doing things?
Regards,
Norman
Received on Fri Jun 11 2004 - 19:11:56 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Jul 01 2004 - 12:00:02 MDT