Grin King wrote:
> Hi guys,
>
> I've been reading up on this stuff for over a week now, trying to work
> out where i've gone wrong, but can't see anything, so am reaching out
> to you with the hope someone else has gone through the pain of this
> and can point me in the right direction :)
>
> I am currently running SquidNT 2.7 stable4 on Server 2003 (non-domain
> environment) in Basic authentication mode (as it's the only
> authentication mode I can currently get to work).
>
> My current "auth" stuff which is working is set up like :
> (note - Squid is installed on e:/ rather than c:/ due to space restrictions)
>
> auth_param basic program e:/squid/libexec/ncsa_auth.exe e:/squid/etc/passwd
> acl authd proxy_auth REQUIRED
> acl localnet src 192.168.0.0/16
>
> http_access allow authd
> http_access allow localnet
> http_access deny all
>
>
> And that is currently working. However, I want to be able to
> authenticate against user accounts on the 2k3 box, rather than having
> to administer a password file (and because the usage application i'm
> looking at using requires authentication with username etc. in the log
> file).
>
> I've mucked around with mswin_check_lm_group.exe and mswin_auth.exe
> and not had much joy - the main thing being when I try to start the
> service, I get the following error :
>
> Error 1067: The process terminated unexpectedly.
>
> This is gotten to using the following in my squid.conf :
>
> auth_param basic program e:/squid/libexec/mswin_auth -A proxyusers
> auth_param basic children 5
>
> acl all src all
> acl manager proto cache_object
> acl localhost src 127.0.0.1/32
> acl to_localhost dst 127.0.0.0/8
>
> acl authd proxy_auth REQUIRED
> acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
>
> # Only allow cachemgr access from localhost
> http_access allow manager localhost
> http_access deny manager
>
> # Deny requests to unknown ports
> http_access deny !Safe_ports
>
> # Deny CONNECT to other than SSL ports
> http_access deny CONNECT !SSL_ports
>
> http_access allow authd
> http_access allow localnet
> http_access deny all
>
> icp_access allow localnet
> icp_access deny all
>
> Now, part of my reading has involved things relating to this, and most
> of them have talked about running squid with the -z option to create
> directories etc. However, I don't believe that's the issue in my case
> for 2 reasons :
>
> 1) It works fine with my original squid.con - it's only when I change
> to the one i'm testing the other auth types witht hat it bombs out and
> 2) I've tried running with the -z and it has the same issue (slight
> side-note, when I DO run it from the command prompt with the -z, I get
> the error
>
> 2008/10/10 12:44:04| parseConfigFile: squid.conf:1 unrecognized: '´╗┐'
>
> So - any suggestions on where to go to from here would be much appreciated :)
Look like your other (newly edited) squid.conf file might have been
corrupted with some binary data. It's supposed to be a plain ASCII text
file. Check that your editor is not saving it as RTF or SYLK format text.
Amos
-- Please use Squid 2.7.STABLE4 or 3.0.STABLE9Received on Fri Oct 10 2008 - 04:19:46 MDT
This archive was generated by hypermail 2.2.0 : Fri Oct 10 2008 - 12:00:02 MDT