Yeah I have the perms on that dir to 0750 with squid
as the group owner. Also have the user squid in the
squid group.
--- lists@dedicated-web.net wrote:
> Quoting Adam Aube <aaube01@baker.edu>:
>
> > Johnny Doe wrote:
> > > --- Adam Aube <aaube01@baker.edu> wrote:
> > >> Johnny Doe wrote:
> > >>> --- Adam Aube <aaube01@baker.edu> wrote:
> >
> > >>>> To clarify: as the user Squid runs as, have
> you used wbinfo -a to
> > >>>> perform an authentication test, and did you
> see success
> > >>>> for both plaintext and challenge response
> authentication?
> >
> > >>> Yes the wbinfo -a run as user squid gives me
> back
> > >>> plaintext password authentication succeeded
> > >>> challenge/response password authentication
> succeeded
> >
> > >>> If I put squid-2.5-basic i get prompted for
> username/password and
> > >>> everything works fine, it's just
> squid-2.5-ntlmssp that I'm having
> > >>> problems with. Not sure if this help but in
> my winbindd.log I keep
> > >>> getting this:
> > >>
> > >>> [2004/07/26 11:49:39, 1]
> > >>>
> nsswitch/winbindd_group.c:winbindd_getgroups(1029)
> > >>> user 'squid' does not exist
> > >>
> > >> Odd. Can you post the exact command(s) you used
> to run the wbinfo -a test
> > >> as the squid user? If the password is on the
> command line, you can munge
> > >> that.
> >
> > > -bash-2.05b$ wbinfo -a 465732%######
> > > plaintext password authentication succeeded
> > > challenge/response password authentication
> succeeded
> > >
> > > 465732 being the username and ###### being the
> > > password
> >
> > Since you didn't explicitly show it, I'm going to
> guess that you did a "su
> > squid" before running wbinfo.
> >
> > Have you added any winbind lines to nsswitch.conf
> or PAM? If all you are
> > using winbind for is Squid integration with a
> Windows domain, you don't
> > need those lines and can take them out.
> >
> > That might be the source of the odd lines in
> winbindd.log, but that still
> > won't explain why NTLM auth isn't working.
> >
> > Just to be thorough, can you post your smb.conf
> file and the output of
> > "squid -v"?
> >
> > Adam
> >
> >
>
> One thing that Adam pointed out to me when I was
> having similar problems was that the
> permissions on the winbind_privileged pipe need to
> be accessible by the user Squid
> runs as - I thought I had read and checked
> everything like yourself, but I had
> overlooked this important step. If I overlooked
> this, then I guess it is possible
> that others like yourself may do also :)
>
> It is mentioned in the FAQ
>
http://www.squid-cache.org/Doc/FAQ/FAQ-23.html#ss23.5
> -
> just do a search on the page for "winbind privileged
> pipe permissions"
>
> Regards,
> Rob Hadfield
>
>
__________________________________
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail
Received on Tue Jul 27 2004 - 06:20:11 MDT
This archive was generated by hypermail pre-2.1.9 : Sun Aug 01 2004 - 12:00:02 MDT