[squid-users] Failure with squid and NTLM auth

Hi All

I have build squid 2.5-STABLE6 on redhat 7.3 with the the folowing command

/configure --prefix=/usr/local/squid --sysconfdir=/etc/squid
--enable-auth="ntlm,basic"
--enable-external-acl-helpers="wbinfo_group"
--with-samba-sources=/opt/samba-3.0.6

I use samba 3.0.6 and it is build with

./configure --with-winbind --prefix=/usr/local/samba
--sysconfdir=/etc/samba --with-configdir=/etc/samba
--with-privatedir=/etc/samba/private --with-lockdir=/var/lock
--with-smbmount --with-quotas --with-winbind-auth-challenge
--with-automount

I have a windows 2000 domain runinng active directory, my smb.conf is
fine as I can execute both wbinfo -t and wbinfo -u without any
problems. The part of my squid conf that deals with ntlm looks like
this

auth_param ntlm program /usr/local/samba/bin/ntlm_auth
--helper-protocol=squid-2.5-basic
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param ntlm use_ntlm_negotiate off
auth_param basic program /usr/local/samba/bin/ntlm_auth
--helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
external_acl_type nt_group ttl=0 concurrency=5 %LOGIN
/usr/local/squid/libexec/wbinfo_group.pl

I i try this proxy using a windows XP workstation, running ie6 then I
get the folowing error in
/var/log/messages:

authenticateNTLMHandleReply: *** Unsupported helper response ***, 'ERR'

In /car/log/squid/acced.log i get:

1095427620.272 2 172.29.10.137 TCP_DENIED/407 587 GET
http://www.kde.org/ - NONE/- text/html

I have debuging set as: debug_options ALL,1 29,9 (ia also tried
debug_options ALL,1 33,2, this did not change anything).

Does anyone have an idea where I can go from here in order to break
this problem down to smaller peaces, the messages in /var/log/messages
 are not excatly that helpfull.

Regards.

Lars Roland
Received on Fri Sep 17 2004 - 07:43:22 MDT