> RedHat Linux 9.0,
> MIT Kerberos 1.4 built from source,
> Samba 3.0.13 built from source,
> Squid 2.5.STABLE7 built from source
> SmartFilter 4.01.
> Active Directory with Windows 2003
>
> Why not use RPMs? Well - ADS support for Windows 2003 needs Kerberos
> 1.3 or newer. But RedHat 9.0 has Kerberos 1.2.7 and zillions of RedHat
> packages depend on it. So I need krb5 1.4 in another tree and
> everything pretty much flows from that.
For what it is worth, I have this working fine against a Windows 2003 ADS
with RedHat 7.3 with krb5-*-1.2.4-11.i386.rpm
and on Fedora Core 3 with krb5-*-1.3.4-7.i386.rpm - however I am using Samba
3.0.2a to get around the kerberos issue.
I used the information from the Squid FAQ's regarding winbind and kerberos
to get mine to work
(http://www.squid-cache.org/Doc/FAQ/FAQ.html#toc23.5)
Looking at your squid.conf, you have stated:
acl AuthorizedUsers proxy_auth REQUIRED
http_access allow all AuthorizedUsers
Won't 'all' get processed before AuthorizedUsers so everyone will be
allowed?
My http_access is just
http_access allow AuthorizedUsers
http_access deny all
Don't know if it's what is causing your problem, but it might cause you a
problem in the future?
Another thing I noticed you didn't do that I did that might be causing a
problem is you didn't
chmod winbindd_privileged, you chgrp'd it, but not chmod it...
chmod 750 /var/lib/samba/winbindd_privileged/
Failing that, I don't know why it doesn't work.
Jay
Received on Mon Apr 04 2005 - 02:35:24 MDT
This archive was generated by hypermail pre-2.1.9 : Sun May 01 2005 - 12:00:03 MDT