Re: [squid-users] Re: NTLM / Winbind 3 / NSSWITCH from lukas.fuchs@dont-contact.us on 2004-05-19 (squid-users)

From: <lukas.fuchs@dont-contact.us>
Date: Wed, 19 May 2004 16:07:19 +0200

hi
here are the responses...

# wbinfo3 -a user%passwd
plaintext password authentication succeeded
challenge/response password authentication succeeded

# wbinfo3 -t
checking the trust secret via RPC calls succeeded

# /usr/bin/ntlm_auth3 --username=user
password:
NT_STATUS_OK: Success (0x0)

access.log:
1084362818.041 113 82.29.1.18 TCP_DENIED/407 1693 GET
http://www.nzz.ch/index.html - NONE/- text/html
1084362850.896 5 82.29.1.18 TCP_DENIED/407 1693 GET
http://www.nzz.ch/index.html - NONE/- text/html

still denied and no usernames logged...

plz help me!!!

thx lukas

             Adam Aube
             <aaube01@baker.ed
             u> To
             Sent by: news
             <news@sea.gmane.o squid-users@squid-cache.org
             rg> cc


             18.05.2004 16:56


                                                                   Subject
                                       [squid-users] Re: NTLM / Winbind 3
                                       / NSSWITCH

lukas.fuchs@rieter.com wrote:

> I've still the problem with logging the authentification via NTLM.

> I think it's not my squid.conf... I'have problems with the communication
> between NT-PDC - Squid - Client, but Winbind alone works properly
> (response: success).

Do you have success for both plaintext and challenge response? Post the
output of 'wbinfo -a user%password' if you are not sure.

> I think it might coult be that it's the NSSWITCH.conf... am I on the
wrong
> path?

Yes. nsswitch.conf has nothing to do with integrating Squid with a
Windows-style domain. You only need nsswitch.conf when you want your entire
system (not just Squid) to use the domain as an information source.

Adam
Received on Wed May 19 2004 - 08:10:13 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Jun 01 2004 - 12:00:01 MDT