RE: [squid-users] suse 9.1 preinstalled squid3

From: Chris Perreault <[email protected]>
Date: Wed, 25 Aug 2004 13:25:58 -0400

Suse 9.1 professional, which I'm testing with, has two versions listed as
follows:

Squid 2.5stable5-29 www proxy server
Squid-beta 3.0-233 www proxy server (new version)

The description, within Yast, says the beta is:

A recent development snapshot of the squid version 3.0 www proxy server

...........
At least it does say it is a dev snapshot and does list it as beta.

Chris

-----Original Message-----
From: Henrik Nordstrom [mailto:hno@squid-cache.org]
Sent: Wednesday, August 25, 2004 1:08 PM
To: Mrvka Andreas
Cc: Squid-Users
Subject: Re: [squid-users] suse 9.1 preinstalled squid3

On Wed, 25 Aug 2004, Mrvka Andreas wrote:

> i have suse linux 9.1 where squid3 is precompiled

Hmm.. I think I have to go and shoot someone at SuSE.. Squid3 is not yet
released and way away from a production quality release. Having this
included in a OS release is pure madness on the level of playing russian
roulette.

> but i dont get it running authenticating my users with active directory.
>
> here my squid.conf:
> [...]
> auth_param basic program /usr/sbin/squid_ldap_auth -p 389 -u cn -R -b
> dc=subdomain,dc=domain,dc=com -D
> cn=administrator,cn=users,dc=subdomain,dc=domain,dc=com -w password -f
> cn=%s -h PDC

Any errors when you try this manually?

> auth_param ntlm program /usr/sbin/ntlm_auth -b DOMAIN/PDC DOMAIN/BDC

Hmm.. this program should not be in /usr/sbin/. It should be in
libexec/squid/ somewhere..

> echo "user pass" | /usr/sbin/ntlm_auth -d DOMAIN\\PDC
> ntlm-auth[6099](ntlm_auth.c:188): Adding domain-controller DOMAIN\\PDC
> ntlm-auth[6099](ntlm_auth.c:461): options processed OK
> ntlm-auth[6099](ntlm_auth.c:285): managing request
> ntlm-auth[6099](ntlm_auth.c:291): ntlm authenticator. Got 'user pass'
> from Squid
> ntlm-auth[6099](ntlm_auth.c:441): sending 'BH Helper detected protocol
error'
> to squid

This is correct. You can not test ntlm helpers manually as they expect
NTLMSSP binary blobs as input, not usernames/passwords.

Regards
Henrik
Received on Wed Aug 25 2004 - 11:28:18 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:02 MDT