[squid-users] Re: Re: Re: Squid authenticate via squid_kerb_ldap

From: Markus Moeller <huaraz_at_moeller.plus.com>
Date: Fri, 7 Oct 2011 18:30:35 +0100

That is not what I expected. Can you do the following, please?

#> export KRB5_KTNAME=<your squid keytab>

#> strace -f -F -v -o /tmp/skl.out </path-to-squid-kerb-ldap> -d -g G_Internet_RH@DOMAIN.LOCAL
2011/10/04 20:52:43| squid_kerb_ldap: Starting version 1.2.2
2011/10/04 20:52:43| squid_kerb_ldap: Group list G_Internet_RH@DOMAIN.LOCAL
2011/10/04 20:52:43| squid_kerb_ldap: Group G_Internet_RH Domain DOMAIN.LOCAL
2011/10/04 20:52:43| squid_kerb_ldap: Netbios list NULL
2011/10/04 20:52:43| squid_kerb_ldap: No netbios names defined.
2011/10/04 20:52:43| squid_kerb_ldap: ldap server list NULL
2011/10/04 20:52:43| squid_kerb_ldap: No ldap servers defined.
rodrigo.lopes@DOMAIN.LOCAL
...

You will have to provide rodrigo.lopes@DOMAIN.LOCAL as input; the rest is the
squid_kerb_ldap debug output.

Can you send me the compressed skl.out file?

Markus

"spiderslack" <spiderslack_at_yahoo.com.br> wrote in message
news:4E8E6A3D.1010104_at_yahoo.com.br...
> On 10/06/2011 03:57 PM, Markus Moeller wrote:
>> If that fails you may be missing cyrus-sasl-gssapi
> No, it worked
>
> root@Firewall:~# ldapsearch -H ldap://srvarq.domain.local -s sub -b dc=domain,dc=local serviceprincipalname=ldap/srvarq.domain.local
> SASL/GSSAPI authentication started
> SASL username: HTTP/Firewall.domain.local@DOMAIN.LOCAL
> SASL SSF: 56
> SASL data security layer installed.
> # extended LDIF
> #
> # LDAPv3
> # base <dc=domain,dc=local> with scope subtree
> # filter: serviceprincipalname=ldap/srvarq.domain.local
> # requesting: ALL
> #
>
> # SRVARQ, Domain Controllers, domain.local
> dn: CN=SRVARQ,OU=Domain Controllers,DC=domain,DC=local
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: user
> objectClass: computer
> cn: SRVARQ
> distinguishedName: CN=SRVARQ,OU=Domain Controllers,DC=domain,DC=local
> instanceType: 4
> whenCreated: 20070426135212.0Z
> whenChanged: 20110929091109.0Z
> displayName: SRVARQ$
> uSNCreated: 7279
> uSNChanged: 5432614
> name: SRVARQ
> objectGUID:: 4LCuu2VQ+k+ocfyfkrj6vA==
> userAccountControl: 532480
> codePage: 0
> countryCode: 0
> lastLogon: 129623116150837736
> localPolicyFlags: 0
> pwdLastSet: 129617610543168750
> primaryGroupID: 516
> objectSid:: AQUAAAAAAAUVAAAACBFp0m3WiWiioI3tiBAAAA==
> accountExpires: 9223372036854775807
> logonCount: 667
> sAMAccountName: SRVARQ$
> sAMAccountType: 805306369
> operatingSystem: Windows Server 2003
> operatingSystemVersion: 5.2 (3790)
> operatingSystemServicePack: Service Pack 2
> serverReferenceBL: CN=SRVARQ,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
> dNSHostName: srvarq.domain.local
> rIDSetReferences: CN=RID Set,CN=SRVARQ,OU=Domain Controllers,DC=domain,DC=local
> servicePrincipalName: ldap/srvarq.domain.local/ForestDnsZones.domain.local
> servicePrincipalName: ldap/srvarq.domain.local/DomainDnsZones.domain.local
> servicePrincipalName: DNS/srvarq.domain.local
> servicePrincipalName: GC/srvarq.domain.local/domain.local
> servicePrincipalName: HOST/srvarq.domain.local/domain.local
> servicePrincipalName: HOST/srvarq.domain.local/DOMAIN
> servicePrincipalName: ldap/8e1ab25f-de62-46ba-8369-ee9093a58f48._msdcs.lmvidros.local
> servicePrincipalName: ldap/srvarq.domain.local/DOMAIN
> servicePrincipalName: ldap/SRVARQ
> servicePrincipalName: ldap/srvarq.domain.local
> servicePrincipalName: ldap/srvarq.domain.local/domain.local
> servicePrincipalName: NtFrs-88f5d2bd-b646-11d2-a6d3-00c04fc9b232/srvarq.lmvidros.local
> servicePrincipalName: E3514235-4B06-11D1-AB04-00C04FC2DCD2/8e1ab25f-de62-46ba-8369-ee9093a58f48/domain.local
> servicePrincipalName: HOST/SRVARQ
> servicePrincipalName: HOST/srvarq.domain.local
> objectCategory: CN=Computer,CN=Schema,CN=Configuration,DC=domain,DC=local
> isCriticalSystemObject: TRUE
> frsComputerReferenceBL: CN=SRVARQ,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=domain,DC=local
> dSCorePropagationData: 20111003195908.0Z
> dSCorePropagationData: 16010101000001.0Z
>
> # search reference
> ref: ldap://ForestDnsZones.domain.local/DC=ForestDnsZones,DC=domain,DC=local
>
> # search reference
> ref: ldap://DomainDnsZones.domain.local/DC=DomainDnsZones,DC=domain,DC=local
>
> # search reference
> ref: ldap://domain.local/CN=Configuration,DC=domain,DC=local
>
> # search result
> search: 5
> result: 0 Success
>
> # numResponses: 5
> # numEntries: 1
> # numReferences: 3
> root@Firewall:~#
>
>
Received on Fri Oct 07 2011 - 17:31:08 MDT
