Thanks for the quick response.
And, yes i will install squid using apt-get install command.
The basic winbindd functionality "wbinfo -t": is not successful
wbinfo -t
checking the trust secret via RPC calls failed
error code was NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc0000233)
Could not check secret
Even, wbinfo -a mydomain\\myuser%mypasswd is unsuccessful
Wondering how i should proceed without this?
Avinash
On Mon, Aug 17, 2009 at 1:15 PM, Amos Jeffries<squid3_at_treenet.co.nz> wrote:
> [re-inserting squid-users mailing list]
>
> Avinash Rao wrote:
>>
>>
>> On Mon, Aug 17, 2009 at 11:30 AM, Amos Jeffries <squid3_at_treenet.co.nz
>> <mailto:squid3_at_treenet.co.nz>> wrote:
>>
>> Avinash Rao wrote:
>>
>> Dear all,
>>
>> I am new here and i would like to know the correct procedure for
>> compiling squid to integrate with samba.
>> I am doing this on a Ubuntu 8.04 Server 64-bit edition and i
>> have all
>> the updates installed. Infact, i have installed samba through
>> apt-get
>> install and is configured as a PDC.
>>
>> dpkg -l | grep samba
>> ii samba 3.0.28a-1ubuntu4.8 a LanManager-like file and
>> printer server fo
>> ii samba-common 3.0.28a-1ubuntu4.8 Samba common files used
>> by both
>> the server a
>>
>> I am in need of controlling internet access for samba domain users
>> through squid. I read the documentation and it says Squid must be
>> built with the configure options:
>>
>> --enable-auth="ntlm,basic"
>> --enable-basic-auth-helpers="
>> winbind"
>> --enable-ntlm-auth-helpers="winbind"
>>
>> According to the documentation,
>> --------
>> Samba 3.x
>> ---------
>> Things are much easier under the 3.x versions of Samba. Smbd is no
>> longer required to manage the machine's trust account, and there
>> is
>> no need to patch any utilities.
>> The Samba team has incorporated functionality to change the machine
>> trust account password in the new "net" command. A simple daily
>> cron
>> job scheduling "net rpc changetrustpw" is all that is needed.
>>
>>
>> I went through the squid documentation and the configure options
>> are
>> vast. All i want is normal squid operations but with samba
>> integration. Do I have to specify other options for normal squid
>> operations?? What is the correct procedure and which version of
>> squid
>> suits well for the version of samba i am using? I have used
>> squid but
>> never compiled. My requirement with samba is PDC, winxp clients,
>> users home directories are mapped as they login to the domain, a
>> common share for all users and a printer if needed.
>>
>> Many Thanks,
>> Avinash
>>
>>
>> This covers the NTLM auth via Samba requirements.
>> http://wiki.squid-cache.org/ConfigExamples/Authenticate/Ntlm
>>
>> This covers the Active Directory (kerberos/negotiate auth)
>> requirements:
>>
>> http://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActiveDirectory
>>
>>
>> Amos
>> -- Please be using
>> Current Stable Squid 2.7.STABLE6 or 3.0.STABLE18
>> Current Beta Squid 3.1.0.13
>>
>>
>>
>>
>> Amos,
>>
>> Thanks for the reply.
>>
>> I read the documentation, and it says, "
>>
>> As Samba-3.x has it's own authentication helper there is no need to build
>> any of the Squid authentication helpers for use with Samba-3.x (and the
>> helpers provided by Squid won't work if you do). You do however need to
>> enable support for the NTLM scheme if you plan on using this. Also you may
>> want to use the wbinfo_group helper for group lookups
>>
>> --enable-auth="ntlm,basic"
>> --enable-external-acl-helpers="wbinfo_group"
>>
>> Does this mean that squid has to be compiled with the above options? I
>> am sorry if this sounds very basic. Also, my requirement, i should be able
>> to restrict few users samba users from accessing the internet through at
>> certain times and not necessary authentication. Will the above options
>> help.
>>
>> Thanks,
>> Avinash
>>
>
> The Squid packages available for Ubuntu already have those helpers built-in
> and installed along with the package. All you need is the configuration file
> changes.
>
> If you are building your own Squid from raw source code, you may need to add
> them.
>
> For someone who does not know the very basics I would seriously advise
> staying with the pre-packaged versions of Squid until you know what you are
> doing.
> --> apt-get install squid
>
> Then change the /etc/squid.conf file as needed.
>
>
> Amos
> --
> Please be using
> Current Stable Squid 2.7.STABLE6 or 3.0.STABLE18
> Current Beta Squid 3.1.0.13
>
Received on Mon Aug 17 2009 - 13:24:53 MDT
This archive was generated by hypermail 2.2.0 : Mon Aug 31 2009 - 12:00:03 MDT