[squid-users] Pb with external acl winbind_group

From: BEOI 7308 <beoi.7308@dont-contact.us>
Date: Thu, 07 Nov 2002 15:13:44 +0100

Greetings,

I've been searching for days to solve my pb but couldnt manage to find
any help
I've set up squid-2.5.STABLE1, samba-2.2.6 on linux Debian 2.4.19 and
wish to authenticate
users via ntlm to give access to the cache if they are part of an NT
group

samba configure options :
 --with-winbind --with-winbind-auth-challenge

i managed to join the domain via the "smbpasswd -j DOMAIN -r PDC -U
Administrator" command
"wbinfo -t" gives me good secret
"wbinfo -a mydomain+myuser%mypasswd" gives a success in both plaintext
and challenge/response authentication

squid configure options :
--enable-auth="ntlm,basic" --enable-basic-auth-helpers="winbind"
--enable-ntlm-auth-helpers="winbind"
--enable-external-acl-helpers="winbind_group"

using "/usr/local/squid-2.5/libexec/wb_auth -d" with "mydomain+myuser
mypasswd" gives me "OK"
but when i try to check if a user is part of a group with
"/usr/local/squid-2.5/libexec/wb_group -d" and enter "mydomain+myuser
group" I always get an "ERR"
even if myuser is part of the group on the NT box (btw "getent group"
gives me the full listing of the domain groups)
i've tried to enter "myuser" without "mydomain+", "mydomain+group"
instead of "group", group in lowercase and group in uppercase but it
always ends with an "ERR"

is there anyone here who could help me to solve this problem ?
thanks in advance

Quentin
Received on Thu Nov 07 2002 - 07:00:58 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:11 MST