On 26/04/11 21:32, Olaf.Boldt_at_hvbg.hessen.de wrote:
> Hello!
>
> Since a few weeks I have Squid Version 2.7.STABLE7 on Ubuntu Server 10.04. All worked fine - different users in an AD-Group could reach the internet through my proxy. Because of this my Squid-configuration seems to be OK. Since the name of the AD-Group was changed it is no more possible to reach the internet through the proxy. The error is:
> "Access control configuration prevents your request from being allowed at this time."
>
> Switching to the old group name all works fine again, switching to the new one: the same error as above.
>
> I changed the debug options and found this entry in cache.log:
> "Could not convert sid S-1-5-21-3365863304-72330373-946326852-415981 to gid"
>
> Is that a problem of Squid? Or is it a problem of Samba?
> What to do?
The error is produces by winbind. So I doubt it is a Squid problem.
Check that AD has a SID "S-1-5-21-3365863304-72330373-946326852-415981".
Then check that SID has the correct group GID associated with it.
FWIW: Others mentioning this error years ago have had to do things like
patch, upgrade or re-install their samba or winbind binaries.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.12 Beta testers wanted for 3.2.0.7 and 3.1.12.1Received on Tue Apr 26 2011 - 09:57:15 MDT
This archive was generated by hypermail 2.2.0 : Tue Apr 26 2011 - 12:00:03 MDT