On Fri, 15 Oct 2004, Hal Douglas wrote:
> I need some help sorting out a problem I've got with ntlm_auth using squid
> and winbind. I'm using Squid-2.5.STABLE6 and Samba 3.0.7.
Make sure to use the ntlm_auth from Samba, not the one from Squid. But I
think you have done this already.
> # wbinfo -t
> checking the trust secret via RPC calls succeeded
Good.
>
> # wbinfo -a username%password
> plaintext password authentication succeeded
> challenge/response password authentication succeeded
Good.
> However, if I do as per the docs I'm following:
>
> # wbinfo -a mydomain\\username%password
> plaintext password authentication failed
> error code was NT_STATUS_NO_SUCH_USER (0xc0000064)
> error messsage was: No such user
> Could not authenticate user mydomain\username%password with plaintext
> password
> challenge/response password authentication failed
> error code was NT_STATUS_NO_SUCH_USER (0xc0000064)
> error messsage was: No such user
> Could not authenticate user mydomain\username with challenge/response
This is somewhat winbind version specific and may also be dependent on
your smb.conf settings for the domain separator. But as the test above
succeeded this is not critical.
> But, doing:
>
> # /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-basic
> mydomain+username password
> OK
Good.
> So, does anyone know what I've done wrong here, if anything? It seems to me
> that it SHOULD be working, unless I've got something wrong in the squid or
> samba .conf files. I wont post those, because this email is long enough
> already, but I'll provide links to them.
Are you using NTLM or Basic authentication?
Please enable log_mime_hdrs, then test with a dummy account and post the
result here, inlcuding the supposed account name and password. Also post
any cache.log messages if there is any with the default log levels.
Regards
Henrik
Received on Fri Oct 15 2004 - 01:46:35 MDT
This archive was generated by hypermail pre-2.1.9 : Mon Nov 01 2004 - 12:00:02 MST