[squid-users] ntlm locking user accounts in 2003 AD

From: Stacker Hush <stackerhush_at_gmail.com>
Date: Thu, 15 Jul 2010 09:30:08 -0300

Hello to all,

I'm having problem using this enviroment:
Squid 2.7.STABLE7
Samba 3.4.7

Squid.conf
auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 5
auth_param ntlm keep_alive on

auth_param basic program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

smb.conf

workgroup = domain
netbios name = NETSERVER
server string = PROXY SERVER
load printers = no
log file = /var/log/samba/log.%m
max log size = 500
winbind trusted domains only = yes
realm = domain.ltd
security = ads
auth methods = winbind
password server = Server.domain.ltd
winbind separator = +
encrypt passwords = yes
winbind cache time = 3600
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = false
idmap uid = 10000-20000
idmap gid = 10000-20000
local master = no
os level = 233
domain master = no
preferred master = no
domain logons = no
wins server = 10.0.0.249, 10.0.0.250
dns proxy = no
ldap ssl = no
load printers = no
template shell = /sbin/nologin

The problem is when some user request webpages i have alot with of 680 EVENT
(logon) in Windows events/security, with seconds of interval and sometimes
the user account are locked.
I supose the account is locked because user makes alot of authentication
requests.

Some way to fix this?

Thanks,
Stacker
Received on Thu Jul 15 2010 - 12:30:21 MDT

This archive was generated by hypermail 2.2.0 : Thu Jul 15 2010 - 12:00:04 MDT