I got ntlm_auth to work successfully, as I was using the incorrect winbind separate. However, Squid continues to ask me for credentials always. Even when I enter correct domain credentials, it does not work. A tcpdump between the Squid server and the domain controller only show 1 SMB request from the proxy to the DC.
Does anyone have any ideas on how I can further troubleshoot this?
Thanks.
-----Original Message-----
From: Baird, Josh [mailto:jbaird_at_follett.com]
Sent: Wednesday, July 18, 2012 10:01 AM
To: squid-users_at_squid-cache.org
Subject: [squid-users] NTLM Authentication Issues
Hi,
Running squid-2.6STABLE-6.el5 (RHEL5) here. Trying to configure NTLM authentication. I successfully configured krb/samba and have verified successful authentication using:
$ /usr/bin/ntlm_auth --username=jbaird
password:
NT_STATUS_OK: Success (0x0)
I can also enumerate groups and users successfully using "wbinfo -u" and "wbinfo -g"
However, when I add the squid-2.5-basic helper to ntlm_auth, I receive "ERR":
$ /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
na+jbaird <password>
ERR
I believe this is causing my squid configuration to fail:
<snip>
# NTLM configuration
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 30
acl NTLMUsers proxy_auth REQUIRED
http_access allow all NTLMUsers
</snip>
Does anyone have any tips on how to troubleshoot? Should I be using a different helper-protocol for ntlm_auth?
Thanks,
Josh
Received on Thu Jul 19 2012 - 14:53:59 MDT
This archive was generated by hypermail 2.2.0 : Thu Jul 19 2012 - 12:00:02 MDT