Re: [squid-users] squid and ntlm without winbind

From: Guido Marino Lorenzutti <glorenzutti_at_jusbaires.gov.ar>
Date: Sun, 07 Nov 2010 08:06:40 -0300

Maurizio Marini <maumar_at_datalogica.com> escribió:

> On Sat, 6 Nov 2010 10:25:43 +0100
> Kinkie <gkinkie_at_gmail.com> wrote:
>
>> On Fri, Nov 5, 2010 at 3:26 PM, Maurizio Marini
>> <maumar_at_datalogica.com> wrote:
>> > Hi there
>> [...]
>> > samba is pdc with ldap backend
>> > Now i should authenticate squid with samba on the same server. I
>> cannot use
>> > winbind (winbind should be used on samba domain member, isn'it), so
>> > following link:
>> > http://wiki.squid-cache.org/ConfigExamples/Authenticate/NtlmCentOS5
>> > is not useful, or, better: i tried to configure winbind using this wiki
>> > with no success.
>>
>> A domain controller is also a domain member ; the same configuration
>> should apply.
>> You may want to detail what you did, and what error messages you
>> got - if any.
>>
>> --
>>     /kinkie
>
> i stil get this error ;(
>
> wbinfo -a user%password
> plaintext password authentication failed
> Could not authenticate user user%password with plaintext password
> challenge/response password authentication failed
> error code was NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xc00000da)
> error messsage was: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
> Could not authenticate user user with challenge/response
>
>
> wbinfo -t
> checking the trust secret via RPC calls failed
> error code was NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xc00000da)
> Could not check secret
>
> should i join domain when client and server are on the same host?
>
> maybe it is better to post on samba lists, too
>
> thnx
> maurizio
>

You need two smb.conf. One for the domain controller and another for
the winbind.

I have a smb.conf and a winbind.conf, and the winbindd uses the winbind.conf.

Yes, you have to joing the winbind to the domain, with:

net rpc join -s /etc/samba/winbind.conf -U username

Hope this helps.

Bye.
Received on Sun Nov 07 2010 - 11:06:54 MST

This archive was generated by hypermail 2.2.0 : Sun Nov 07 2010 - 12:00:02 MST