On Mon, 4 Oct 2004, Michael Wray wrote:
> Have read, and followed to best of my ability the squid FAQ and
> winbind/nmb/samba man pages. Things that work: All of the command line
> based tests work, as you will see when you look below. But when I try to
> authenticate with a browser I get denied, and the following info in
> cache.log and log.winbindd. If I modify the permissions on
> /var/db/samba/winbindd_privileged, that breaks the wbinfo tests saying that
> the permissions on that file are incorrect.
> ------------------tail of cache.log ----------------
>
> [2004/10/04 11:40:17, 0] utils/ntlm_auth.c:winbind_pw_check(439)
> Login for user [DOMAIN]\[GOODUSER]@[WIN_2K_TEST] failed due to [winbind
> client not authorized to use winbindd_pam_auth_crap. Ensure permissions on
> /var/db/samba/winbindd_privileged are set correctly.]
The permissions on /var/db/samba/winbindd_privileged is not set correctly
allowing your Squid cache_effective_user access to this pipe.
The permissions should be
User: root
Group: Your cache_effective_group
Permissions: o=rwx, g=rx, o=
Regards
Henrik
Received on Tue Oct 05 2004 - 10:19:31 MDT
This archive was generated by hypermail pre-2.1.9 : Mon Nov 01 2004 - 12:00:01 MST