[squid-users] NTLM_authentication from Fernando Lujan on 2006-01-19 (squid-users)

From: Fernando Lujan <fernando.lujan@dont-contact.us>
Date: Thu, 19 Jan 2006 18:29:28 -0200

Hi all,

I'm trying to make my squid authenticate with the samba server, without
success.

I'm following the steps described in the following link:
http://www.squid-cache.org/Doc/FAQ/FAQ-23.html#winbind

I hope that all information which I provide is enough, if not, please
tell me.

Thanks in advance.

I compiled squid (2.5STABLE10) with the following options:

./configure --prefix=/usr \
        --sysconfdir=/etc/squid \
        --enable-delay-pools \
        --enable-snmp \
        --enable-htcp \
        --enable-ssl \
        --enable-default-err-language=Portuguese \
        --enable-linux-netfilter \
        --enable-underscores \
        --with-samba-sources=/root/samba-3.0.10 \
        --enable-auth=ntlm,basic \
        --enable-external-acl-helpers="wbinfo_group"

Erros:

root@squid:~# net join -W xxx -U root
Password:
Joined domain XXX.

root@squid:~# wbinfo -t
checking the trust secret via RPC calls succeeded

root@squid~# ntlm_auth --helper-protocol=squid-2.5-basic
xxx+root #####
ERR

This is my smb.conf from the PDC Machine( Samba 3.0.20).

   1.
      [global <http://www.php.net/global>]
   2.
         netbios name = Arquivos
   3.
         workgroup = teste.com.br
   4.
         server string = Servidor de Arquivos
   5.
         security = user
   6.
         load printers = yes
   7.
         log <http://www.php.net/log> file <http://www.php.net/file> =
      /var/log <http://www.php.net/log>/samba.%m
   8.
         max <http://www.php.net/max> log <http://www.php.net/log> size = 50
   9.
         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
  10.
         local master = yes
  11.
         os level = 33
  12.
         domain master = yes
  13.
         preferred master = yes
  14.
         domain logons = yes
  15.
         wins support = yes
  16.
         dns proxy = no
  17.

  18.
      [homes]
  19.
         path=/home/%S
  20.
         browseable = no
  21.
         writable = yes
  22.

  23.
      [netlogon]
  24.
         path = /home/netlogon
  25.
         guest ok = yes
  26.
         writable = no
  27.
         share modes = no

And from the Squid machine:

[global]
   workgroup = xxx
   server string = Squid Server
   netbios name = squid
   security = domain
   log file = /var/log/samba.%m
   max log size = 50
   password server = 192.168.1.5
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   encrypt passwords = yes
   winbind uid = 10000-20000
   winbind gid = 10000-20000
   winbind use default domain = yes
   dns proxy = no

Fernando Lujan
Received on Thu Jan 19 2006 - 13:31:13 MST

This archive was generated by hypermail pre-2.1.9 : Wed Feb 01 2006 - 12:00:01 MST