Re: [squid-users]

From: Matt Alexander <[email protected]>
Date: Mon, 8 Nov 2004 17:52:42 -0700

Is this a RH ES 3 box? There's a Perl bug that causes the shellwords
function to fail in Also, you'll need to fix the script to strip off the Domain Group stuff after
wbinfo gets the group SID. Here's a replacement for the check

sub check {
        local($user, $group) = @_;
        $groupSID = `wbinfo -n "$group"` . " ";
        $groupSID = substr($groupSID,0,index($groupSID," ",0));
        $groupGID = `wbinfo -Y $groupSID`;
        chomp $groupGID;
        &debug( "User: -$user-\nGroup: -$group-\nSID:
-$groupSID-\nGID: -$groupGID-");
        return 'OK' if(`wbinfo -r \Q$user\E` =~ /^$groupGID$/m);
        return 'ERR';

If you are using RH ES 3, then here's a replacement for the main loop:

while (<STDIN>) {
        &debug ("Got $_ from squid");
        @stupidRHperlbug = split(/\s+/, $_);
        $user = $stupidRHperlbug[0];
        $group = $stupidRHperlbug[1];
        $ans = &check($user, $group);
        &debug ("Sending $ans to squid");
        print "$ans\n";

On Tue, 9 Nov 2004 09:28:58 +1100, <> wrote:
> Hi,
> I currently have squid authenticating with AD on a per user basis.
> In trying to get working, the version that comes with the current stable version of squid:
> Squid Cache: Version 2.5.STABLE7
> configure options: --prefix=/usr --datadir=/usr/share --localstatedir=/var --sysconfdir=/etc/squid --infodir=/usr/share/info --mandir=/usr/share/man --enable-snmp --enable-ssl --enable-auth=ntlm,basic --enable-external-acl-helpers=wbinfo_group
> Examples1: Real user and group
> [root@proxysvr libexec]# ./
> hotline www-access
> Got hotline www-access from squid
> -- end of example 1
> Eample2: user and group that does not exist
> [root@proxysvr libexec]# ./
> fakeuser dummygroup
> Got fakeuser dummygroup from squid
> -- end of example 2
> In order to terminate the processes above I have to hit control-c or break.
> any ideas ?
> wbinfo -t
> wbinfo -u
> wbinfo -g
> the above check out ok.
> Help/Ideas appreciate
> cheers
> Ben

Get Firefox!
Received on Mon Nov 08 2004 - 17:53:07 MST

This archive was generated by hypermail pre-2.1.9 : Wed Dec 01 2004 - 12:00:01 MST