Hi,
At 23.44 10/12/2005, Mike Diggins wrote:
>I'm running Squid V2.5Stable10 and Samba 3.0.14a using NTLM
>authentication and configured according to the FAQ (Winbind).
So, I assume here that you are using Samba's ntlm_auth.
> All is working great except the PDC Admin has told me that all my
> authentications are occurring against only one of the two domain
> controllers. So, my question is likely to do with Samba, but does
> anyone know the correct config to make that happen? My current
> smb.conf looks like this:
>
>[global]
> workgroup = AP1
> winbind uid = 10000-20000
> winbind gid = 10000-20000
> encrypt passwords = yes
> security=domain
What kind of domain ? NT 4 or Active Directory ?
If Active Directory you should use "security=ads"
> password server = as6.ad.McMaster.CA, as7.ad.mcmaster.ca
This should never needed: usually Samba find by itself the right DC.
> winbind enum users = yes
> winbind enum groups = yes
> winbind use default domain = yes
> preferred master = False
> local master = No
> domain master = False
> log file = /var/log/samba.log
>
>Note: the domain is called AP1, the two domain controllers are as6
>and as7. I'm told that all my authentications are going to as6 but
>switching the order doesn't seem to help. I'd like them both to be
>used as well as provide redundancy should one fail.
>
>Any advice would be appreciated.
Do you are using "auth_param ntlm use_ntlm_negotiate on" in squid.conf ?
Enabling NTLM Negotiate changes the way how the authentication process work.
Regards
Guido
-
========================================================
Guido Serassio
Acme Consulting S.r.l. - Microsoft Certified Partner
Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY
Tel. : +39.011.9530135 Fax. : +39.011.9781115
Email: guido.serassio@acmeconsulting.it
WWW: http://www.acmeconsulting.it/
Received on Sun Dec 11 2005 - 01:48:10 MST
This archive was generated by hypermail pre-2.1.9 : Sat Dec 31 2005 - 12:00:02 MST