[squid-users] squid ntlm_auth not working against samba PDC version above 3.0.26a

Hello.
I am using squid with ntlm authentication against a samba
PDC. It has
worked for me perfectly in debian etch with samba version
3.0.24, and
ubuntu Gutsy with samba 3.0.26a.

But when I have upgraded those
servers to hardy (samba 3.0.28a) and lenny (3.2.3), then
squid auth has stopped working, without any other config change.

Squid version I am using are 2.6.STABLE16 and 2.7.STABLE3.
I am using the ntlm_auth helper thatcomes with squid. I
think maybe the one that comes with samba would work better,
but the problem is that it requires winbind, and since I am
running sqquid in the same box as the PDC, I don't know
if winbind would work.
 
This is the relevant section of my squid.conf file:

# ntlm authentication
auth_param ntlm program /usr/lib/squid/ntlm_auth -d
cfs/sanmiguel
auth_param ntlm children 5
 
This the error log from cache.log:

ntlm_auth[6525](ntlm_auth.c:284): managing request
ntlm_auth[6525](ntlm_auth.c:290): ntlm authenticator. Got 'YR TlRMTVNTUAABAAAAB7IIogMAAwAzAAAACwALACgAAAAFASgKAAAAD1NBTkpVQU4tV0lOQ0ZT' from Squid
ntlm_auth[6525](ntlm_auth.c:239): obtain_challenge: selecting CFS\SANMIGUEL (attempt #1)
ntlm_auth[6525](ntlm_auth.c:251): attempting challenge retrieval
ntlm_auth[6525](libntlmssp.c:119): Connecting to server SANMIGUEL domain CFS
ntlm_auth[6525](ntlm_auth.c:253): make_challenge retuned 0x8053640
ntlm_auth[6525](ntlm_auth.c:255): Got it
ntlm_auth[6525](ntlm_auth.c:437): sending 'TT TlRMTVNTUAACAAAAAwADACgAAACCgkEANvB2+cNQb/IAAAAAAAAAAENGUw==' to squid
ntlm_auth[6525](ntlm_auth.c:284): managing request
ntlm_auth[6525](ntlm_auth.c:290): ntlm authenticator. Got 'KK TlRMTVNTUAADAAAAGAAYAF4AAAAYABgAdgAAAAMAAwBIAAAACAAIAEsAAAALAAsAUwAAAAAAAACOAAAABoIAAgUBKAoAAAAPQ0ZTSk1DT1JSQUxTQU5KVUFOLVdJTokKMOkDJf4n5BNKsTrIbb66D8u2KMoPtfikZvEncvDGXbVDxik4H698mycLU0Jtzj==' from Squid
ntlm_auth[6525](libntlmssp.c:268): Empty LM pass detection: user: 'JMCORRAL', ours:'�r��"M'G�� �p��е=�S$��+u׹��w�ߛhh�]�S1���Request completed sucessfully.', his: '�
0�%�'�J�:�m��˶(���f�'r��]�C�)8�|�'
                                     SBm�0'(length: 24)
ntlm_auth[6525](libntlmssp.c:280): Empty NT pass detection: user: 'JMCORRAL', ours:'��+u׹��w�ߛhh�]�S1���Request completed sucessfully.', his: '��f�'r��]�C�)8�|�'
  SBm�0'(length: 24)
ntlm_auth[6525](libntlmssp.c:294): checking domain: 'CFS', user: 'JMCORRAL', pass='�
0�%�'�J�:�m��˶(�'
ntlm_auth[6525](libntlmssp.c:297): Login attempt had result -1
ntlm_auth[6525](ntlm_auth.c:350): No creds. SMBlib error 1, SMB error class 1, SMB error code 5, NB error 0
ntlm_auth[6525](ntlm_auth.c:371): DOS error
ntlm_auth[6525](ntlm_auth.c:376): sending 'NA Access denied' to squid

Any help would be much appreciated. Thank you very much.
Juan.
Received on Fri Oct 03 2008 - 14:32:02 MDT