Thanks for the support with my attempt to get squid+winbind+samba+ADS
working
RedHat 9.0 + squid 2.5.3 + samba 2.2.8a
I now have samba components working with ADS
wbinfo -a domain+username%password works
wbinfo -t works
wb_auth -d
Domain+username password gets an ok
Squid logs
1058324873.302 1 xxx.xxx.xxx.xxx TCP_DENIED/407 1732 GET
http://www.google.com.au/ - NONE/- text/html
1058324873.321 9 xxx.xxx.xxx.xxx TCP_DENIED/407 1728 GET
http://www.google.com.au/ - NONE/- text/html
1058324877.106 1 xxx.xxx.xxx.xxx TCP_DENIED/407 1732 GET
http://www.google.com.au/ - NONE/- text/html
1058324877.109 0 xxx.xxx.xxx.xxx TCP_DENIED/407 1728 GET
http://www.google.com.au/ - NONE/- text/html
Is there anyway to increase the information logged specifically about the
ntlm auth?
Squid.conf
auth_param ntlm program /usr/local/squid/libexec/wb_ntlmauth
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param basic program /usr/local/squid/libexec/wb_auth
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl AuthorizedUsers proxy_auth required
http_access allow all AuthorizedUsers
http_access deny all
Getent does not inculde domain information only Linux info is this a
problem?
Smb.conf
[global]
workgroup = XXXXX
netbios name = MAIL
server string = Samba Server
security = DOMAIN
encrypt passwords = Yes
update encrypted = Yes
obey pam restrictions = Yes
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
unix password sync = Yes
log file = /var/log/samba/%m.log
max log size = 0
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = No
password server = *
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
name resolve order = hosts lmhosts wins bcast
printing = cups
wins server = xxx.xxx.xxx.xxx
Regards
Tony
Received on Wed Jul 16 2003 - 08:00:41 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:01 MST