Hello, I havn't gotten an answer over on the squid usergroup - so I'm
hoping
someone can help me here.
SUSE - 9.1
SQUID - 2.5.STABLE5
SAMBA - 3.0.2a-SUSE (the one that came with SUSE Installer by YAST)
I have set up squid, samba, got the winbind to work great
Wbinfo -t, -u, -g all work great
Squid also worked great until I tried to tie in NTLM_Auth
If I authenticate using /usr/bin/ntlm_auth --username=administrator
It authenticates perfectly.
I have this in my squid.conf
auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 45
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param basic program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
And my ACL's
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
http_access allow localhost
acl AuthorizedUsers proxy_auth REQUIRED
http_access allow all AuthorizedUsers
http_access deny all
http_reply_access allow all
And if I try to browse anywebsite at all, the squid access.log shows
TCP_DENIED/407
In the squid cache.log I can see it authenticateValidateUser: Validating
Auth_user request '0x8487f80'
Then authenticateValidateUser: Validated Auth_user request '0x8487f80'
Then
User not fully authenticated
It will continue like that counting 4,3,2,1 And will eventually say
The request GET http://www.yahoo.com/ is DENIED, because it matched
'AuthorizedUsers'
Access Denied: http://www.yahoo.com
AciMatchedName = AuthorizedUsers
Proxy Auth message = <NULL>
Later down the log I'll see
Creating entry 0x832c000: near 'X-Squid-Error: ERR_CACHE_ACCESS DENIED
0'
Creating entry 0x832c000' near 'Proxy-Authenticate: NTLM - a whole bunch
of
letters, then trying more lookups.
Any ideas where I seem to be going awry here?
Thank you.