[squid-users] RE: NTLM Authentication Issues

From: Baird, Josh <jbaird_at_follett.com>
Date: Thu, 19 Jul 2012 14:53:50 +0000

I got ntlm_auth to work successfully, as I was using the incorrect winbind separate. However, Squid continues to ask me for credentials always. Even when I enter correct domain credentials, it does not work. A tcpdump between the Squid server and the domain controller only show 1 SMB request from the proxy to the DC.

Does anyone have any ideas on how I can further troubleshoot this?


-----Original Message-----
From: Baird, Josh [mailto:jbaird_at_follett.com]
Sent: Wednesday, July 18, 2012 10:01 AM
To: squid-users_at_squid-cache.org
Subject: [squid-users] NTLM Authentication Issues


Running squid-2.6STABLE-6.el5 (RHEL5) here. Trying to configure NTLM authentication. I successfully configured krb/samba and have verified successful authentication using:

$ /usr/bin/ntlm_auth --username=jbaird
NT_STATUS_OK: Success (0x0)

I can also enumerate groups and users successfully using "wbinfo -u" and "wbinfo -g"

However, when I add the squid-2.5-basic helper to ntlm_auth, I receive "ERR":

$ /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
na+jbaird <password>

I believe this is causing my squid configuration to fail:

# NTLM configuration
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 30
acl NTLMUsers proxy_auth REQUIRED
http_access allow all NTLMUsers

Does anyone have any tips on how to troubleshoot? Should I be using a different helper-protocol for ntlm_auth?


Received on Thu Jul 19 2012 - 14:53:59 MDT

This archive was generated by hypermail 2.2.0 : Thu Jul 19 2012 - 12:00:02 MDT