Re: [squid-users] Samba 3-ntlm_auth, Squid-2.5Stable4 and W2K3 Authentication options

From: Henrik Nordstrom <[email protected]>
Date: Thu, 20 Nov 2003 17:52:56 +0100 (CET)

On 20 Nov 2003, Dave Augustus wrote:

> My squid.conf auth settings:
>
> auth_param ntlm program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp (yes this is the samba 3 version)

Looks good, assuming the comment was added when you wrote the message and
not in your config...

> auth_param basic program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-basic

This too..

Does basic work if you disable the ntlm scheme? (just comment out the
auth_param ntml program line..)

> My wbinfo output as requested:
>
> root@caleb ~> wbinfo -t
> checking the trust secret via RPC calls succeeded

Good.

> root@caleb ~> wbinfo -a surfer%surfer2003
> plaintext password authentication succeeded
> challenge/response password authentication succeeded

Good.

> This is where it breaks- It appears to me that squid is NOT logging the
> user/domain information in the log file
>
> AND
>
> when I run squid with the following (squid -XN -d 1) and then try to
> access the web page , squid says:
>
> FATAL: authenticateNTLMHandleReply: called with no result string
>
> Aborted
>
> So Samba's NTLM doesn't appear to give the answer in the form that Squid
> wants.

Indeed.

Do you get any hints if you enable debugging in the ntlm_auth helper? (see
the Samba docs)

Regards
Henrik
Received on Thu Nov 20 2003 - 09:58:26 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:21:25 MST