Hi guys,
I've been reading up on this stuff for over a week now, trying to work
out where i've gone wrong, but can't see anything, so am reaching out
to you with the hope someone else has gone through the pain of this
and can point me in the right direction :)
I am currently running SquidNT 2.7 stable4 on Server 2003 (non-domain
environment) in Basic authentication mode (as it's the only
authentication mode I can currently get to work).
My current "auth" stuff which is working is set up like :
(note - Squid is installed on e:/ rather than c:/ due to space restrictions)
auth_param basic program e:/squid/libexec/ncsa_auth.exe e:/squid/etc/passwd
acl authd proxy_auth REQUIRED
acl localnet src 192.168.0.0/16
http_access allow authd
http_access allow localnet
http_access deny all
And that is currently working. However, I want to be able to
authenticate against user accounts on the 2k3 box, rather than having
to administer a password file (and because the usage application i'm
looking at using requires authentication with username etc. in the log
file).
I've mucked around with mswin_check_lm_group.exe and mswin_auth.exe
and not had much joy - the main thing being when I try to start the
service, I get the following error :
Error 1067: The process terminated unexpectedly.
This is gotten to using the following in my squid.conf :
auth_param basic program e:/squid/libexec/mswin_auth -A proxyusers
auth_param basic children 5
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl authd proxy_auth REQUIRED
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
http_access allow authd
http_access allow localnet
http_access deny all
icp_access allow localnet
icp_access deny all
Now, part of my reading has involved things relating to this, and most
of them have talked about running squid with the -z option to create
directories etc. However, I don't believe that's the issue in my case
for 2 reasons :
1) It works fine with my original squid.con - it's only when I change
to the one i'm testing the other auth types witht hat it bombs out and
2) I've tried running with the -z and it has the same issue (slight
side-note, when I DO run it from the command prompt with the -z, I get
the error
2008/10/10 12:44:04| parseConfigFile: squid.conf:1 unrecognized: '´╗┐'
So - any suggestions on where to go to from here would be much appreciated :)
Received on Fri Oct 10 2008 - 02:54:42 MDT
This archive was generated by hypermail 2.2.0 : Fri Oct 10 2008 - 12:00:02 MDT