Re: [squid-users] SquidNT authentication issues

From: Grin King <grinking_at_gmail.com>
Date: Fri, 10 Oct 2008 17:28:00 +1000

I kinda wondered about that myself - but i'm using Notepad in windows
for editing the files - so would have thought it was fine...

However... on checking, my conf file that IS working also has the same
issue when run from the command prompt - but it still works.

In the mean-time, I checked, and the files ARE saved in UTF-8 format -
so have saved in ANSI, and it's cleared it up for both, and now the NT
authentication is working :D

Thanks for the assistance... I was running out of hair to pull out lol.

On Fri, Oct 10, 2008 at 2:19 PM, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
> Grin King wrote:
>>
>> Hi guys,
>>
>> I've been reading up on this stuff for over a week now, trying to work
>> out where i've gone wrong, but can't see anything, so am reaching out
>> to you with the hope someone else has gone through the pain of this
>> and can point me in the right direction :)
>>
>> I am currently running SquidNT 2.7 stable4 on Server 2003 (non-domain
>> environment) in Basic authentication mode (as it's the only
>> authentication mode I can currently get to work).
>>
>> My current "auth" stuff which is working is set up like :
>> (note - Squid is installed on e:/ rather than c:/ due to space
>> restrictions)
>>
>> auth_param basic program e:/squid/libexec/ncsa_auth.exe
>> e:/squid/etc/passwd
>> acl authd proxy_auth REQUIRED
>> acl localnet src 192.168.0.0/16
>>
>> http_access allow authd
>> http_access allow localnet
>> http_access deny all
>>
>>
>> And that is currently working. However, I want to be able to
>> authenticate against user accounts on the 2k3 box, rather than having
>> to administer a password file (and because the usage application i'm
>> looking at using requires authentication with username etc. in the log
>> file).
>>
>> I've mucked around with mswin_check_lm_group.exe and mswin_auth.exe
>> and not had much joy - the main thing being when I try to start the
>> service, I get the following error :
>>
>> Error 1067: The process terminated unexpectedly.
>>
>> This is gotten to using the following in my squid.conf :
>>
>> auth_param basic program e:/squid/libexec/mswin_auth -A proxyusers
>> auth_param basic children 5
>>
>> acl all src all
>> acl manager proto cache_object
>> acl localhost src 127.0.0.1/32
>> acl to_localhost dst 127.0.0.0/8
>>
>> acl authd proxy_auth REQUIRED
>> acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
>>
>> # Only allow cachemgr access from localhost
>> http_access allow manager localhost
>> http_access deny manager
>>
>> # Deny requests to unknown ports
>> http_access deny !Safe_ports
>>
>> # Deny CONNECT to other than SSL ports
>> http_access deny CONNECT !SSL_ports
>>
>> http_access allow authd
>> http_access allow localnet
>> http_access deny all
>>
>> icp_access allow localnet
>> icp_access deny all
>>
>> Now, part of my reading has involved things relating to this, and most
>> of them have talked about running squid with the -z option to create
>> directories etc. However, I don't believe that's the issue in my case
>> for 2 reasons :
>>
>> 1) It works fine with my original squid.con - it's only when I change
>> to the one i'm testing the other auth types witht hat it bombs out and
>> 2) I've tried running with the -z and it has the same issue (slight
>> side-note, when I DO run it from the command prompt with the -z, I get
>> the error
>>
>> 2008/10/10 12:44:04| parseConfigFile: squid.conf:1 unrecognized: '´╗┐'
>>
>> So - any suggestions on where to go to from here would be much appreciated
>> :)
>
>
> Look like your other (newly edited) squid.conf file might have been
> corrupted with some binary data. It's supposed to be a plain ASCII text
> file. Check that your editor is not saving it as RTF or SYLK format text.
>
> Amos
> --
> Please use Squid 2.7.STABLE4 or 3.0.STABLE9
>
Received on Fri Oct 10 2008 - 07:28:04 MDT

This archive was generated by hypermail 2.2.0 : Fri Oct 10 2008 - 12:00:02 MDT