RE: [squid-users] testing ntlm auth

From: Robert Collins <robert.collins@dont-contact.us>
Date: 06 Aug 2001 12:57:11 +1000

On 02 Aug 2001 12:11:46 +0200, Derick Jansen wrote:
> Hi, I am trying this authentication scheme. Squid starts up fine and these
> are the processes runing
>
> 21806 ? S 0:00 ./squid
> 21808 ? S 0:00 (squid)
> 21814 ? S 0:00 (unlinkd)
> 21827 ? S 0:00 (ntlm_auth) inetbridge/rbk-bdc2
> 21828 ? S 0:00 (ntlm_auth) inetbridge/rbk-bdc2
> 21829 ? S 0:00 (ntlm_auth) inetbridge/rbk-bdc2
> 21830 ? S 0:00 (ntlm_auth) inetbridge/rbk-bdc2
> 21831 ? S 0:00 (ntlm_auth) inetbridge/rbk-bdc2
>
> I am however not being authenticated.
>
> When I run this manually /usr/local/squid/libexec/squid/ntlm_auth
> inetbridge/rbk-bdc2 and type YR I get no response from the domain
> controller. I also tried using the domain controllers IP instead of the
> name.

There have been some messages on this in the list already - do a search
on ntlm_auth. You need to use the machine name, not the ip address.

> Do I need to do something on the domain controller to get this to work?

No. Or rather, you can't be using "high security" - we are using an
_old_ Samba library for this. Kinkie is working on an updated helper
that uses a much newer library.

Also, a large amount of work has gone into stability recently, and
tonights daily snapshot from www.squid-cache.org should be much more
reliable. (It doesn't affect the ntlm_auth helper problem that you have
unfortunately). You should grab that tarball and use it.

It's NOT available on sourceforge outside of the NTLM branch as yet, as
soon as it is I'll be posting a detailed email here listing the changes
and asking early adopters to upgrade.

Rob
Received on Sun Aug 05 2001 - 21:09:13 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:28 MST