Danny,
I went through a similar thing with smb, and I was able to get around it
(another nasty hack) by adding the account (without password) to the
Solaris box.
This is obviously the wrong thing to do. I think it has something to do
with the pam entry
other account required /usr/lib/security/pam_unix.so.1
I tried adding the appropriate
squid account required /usr/lib/security/pam_smb.so.1
entry to the pam.conf file, but it doesnt seem to work properly. You may
have more success with the pam_radius module. I'm currently researching
the account management part of pam to see what I can do about it, but I'm
not hopeful for the next few days.
Cheers! (Relax...have a homebrew)
Neil
On Fri, 10 Dec 1999, Danny Kruitbosch wrote:
> Hi all,
>
> I'm (still) trying to get my SQUID (on Solaris) to authenticate my users on
> a NT RADIUS server (Funk Steel belted radius 2.12).
>
> This is what I've been able to do so far:
>
> The PAM_AUTH program from Henrik Nordstrom works now on Solaris (Thanks
> Henrik and Neil Thompson for their help). I'm able to use UNIX passwords to
> authenticate.
>
> For the radius authentication I compiled Alan DeKok's PAM_RADIUS module.
> Compiling was no hassle.
>
> I put the following in my pam.conf:
>
> squid auth sufficient /usr/lib/security/pam_radius_auth.so.1
>
> When I try to authenticate nothing seems to happen! PAM_AUTH return a ERR. I
> don't see any data going to my RADIUS server.
>
> To see if something is wrong with my pam_radius_auth I tested this also on
> Linux. This is what happend:
>
> When I try to authenticate I get a ERR back from PAM_AUTH (the squid
> program), but my RADIUS server logs a ACCEPT being sent to the RADIUS
> client!
>
> Can someone please shed some light on this?
>
>
> Thanks very much
>
> Danny Kruitbosch
>
Received on Fri Dec 10 1999 - 04:49:20 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:49:50 MST