Re: [squid-users] Urgent Samba / Squid NTLM Auth Problems

From: Abbas Salehi <[email protected]>
Date: Wed, 9 Nov 2005 13:52:03 +0330

Dear sir

I did all of your recommanded from document step by step

I succeeded to joined to the domain and active directory , i can see the
domain users and
groups

kinit command works properly,

net ads testjoin
Join is OK

net ads join administrator
Joined 'squid-server' to realm 'TEST.COM'

But ntlm_auth does not work properly,

I have following error when i run it :

ntlm_auth --username=administrator
password: ******
NT_STATUS_CANT_ACCESS_DOMAIN_INFO: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
(0xc00000da)

when i run the squid and set the the machine as proxy,the squid authenticate
but does not accept the user

When i browes some web pages, bring the dialog box, contain user and
password and domian,
but does not accept,

We have following error in my logs

Winbind :

[2005/10/30 14:02:11, 0] nsswitch/winbindd_util.c:get_trust_pw(1033)
  get_trust_pw: could not fetch trust account password for my domain
TEST.COM

Can anybody help me,

How can i solve this problem,

Regards
Abbas Salehi

----- Original Message -----
From: "Dave Raven" <dave@raven.za.net>
To: "'Serassio Guido'" <guido.serassio@acmeconsulting.it>; "'Ian Barnes'"
<ian@opteqint.net>; <squid-users@squid-cache.org>
Sent: Tuesday, November 08, 2005 6:49 PM
Subject: RE: [squid-users] Urgent Samba / Squid NTLM Auth Problems

> Hi all,
> I'm currently working on this problem with Ian. It seems like
> ntlm_auth is handling the requests fine -
>
> [root@server] /usr/local/bin # ./ntlm_auth --username=ianb
> --configfile=/usr/local/etc/smb.conf
> password:
> NT_STATUS_OK: Success (0x0)
>
> It also works through squid when using wget
>
> [2005/11/08 17:15:09, 3] utils/ntlm_auth.c:check_plaintext_auth(292)
> NT_STATUS_OK: Success (0x0)
>
> Note that it says check_plaintext_auth though, when using a browser (e.g.
> IE) we see the following messages
>
> [2005/11/08 15:16:36, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(606)
> Got user=[IANB] domain=[MASTERMIND] workstation=[IANB] len1=24 len2=24
> [2005/11/08 15:16:37, 3] utils/ntlm_auth.c:winbind_pw_check(427)
> Login for user [MASTERMIND]\[IANB]@[IANB] failed due to [Wrong Password]
>
> Why is it using a different method? It seems like the problem only occurs
> when it doesn't use check_plaintext_auth. Is there anything we can do to
> learn more?
>
> Thanks for all the help so far
> Dave
>
>
Received on Wed Nov 09 2005 - 03:21:46 MST

This archive was generated by hypermail pre-2.1.9 : Thu Dec 01 2005 - 12:00:09 MST