ivanmartinezz at cantv.net
2009-Dec-28 16:42 UTC
[Samba] Samba4 and Squid3 with ntlm_auth ... more information
Hello there. I'm checking this link about Squid with AD authentication:

http://techmiso.com/1934/howto-install-squid-web-proxy-server-with-active-directory-authentication/

But the test doesn't work:

# wbinfo -t
checking the trust secret via RPC calls succeeded

# find / -name ntlm_auth
/usr/local/samba/bin/ntlm_auth
/usr/src/samba-alpha10/source4/bin/ntlm_auth
/usr/lib/squid3/ntlm_auth

# cd /usr/local/samba/bin/
# ./ntlm_auth --helper-protocol=squid-2.5-basic
MYDOMAIN+Administrator password

It hangs the shell.

And...

# cd /usr/lib/squid3/
#
# ./ntlm_auth --helper-protocol=squid-2.5-basic
MYDOMAIN+Administrato password
You MUST specify at least one Domain Controller.
You can use either \ or / as separator between the domain name
and the controller name
./ntlm_auth: invalid option -- '-'
unknown option: -?. Exiting
./ntlm_auth usage:
./ntlm_auth [-b] [-f] [-d] [-l] domain\controller [domain\controller ...]
-b enables load-balancing among controllers
-f enables failover among controllers (DEPRECATED and always active)
-l changes behavior on domain controller failyures to last-ditch.
-d enables debugging statements if DEBUG was defined at build-time.

My Squid access.log shows:

1262018002.154 0 192.168.24.18 TCP_DENIED/407 3035 GET http://www.yahoo.com/ - NONE/- text/html
1262018030.201 1 192.168.24.18 TCP_DENIED/407 3165 GET http://www.yahoo.com/ administrato at mydomain.lan NONE/- text/html
1262018036.751 0 192.168.24.18 TCP_DENIED/407 3153 GET http://www.yahoo.com/ administrator NONE/- text/html
1262018046.058 0 192.168.24.18 TCP_DENIED/407 3161 GET http://www.yahoo.com/ administrator at mydomain NONE/- text/html
1262018046.954 0 192.168.24.18 TCP_DENIED/407 3213 GET http://www.yahoo.com/ - NONE/- text/html
1262018047.433 0 192.168.24.18 TCP_DENIED/407 3213 GET http://www.yahoo.com/ - NONE/- text/html
1262018047.907 0 192.168.24.18 TCP_DENIED/407 3213 GET http://www.yahoo.com/ - NONE/- text/html
1262018048.353 0 192.168.24.18 TCP_DENIED/407 3213 GET http://www.yahoo.com/ - NONE/- text/html
1262018048.810 0 192.168.24.18 TCP_DENIED/407 3213 GET http://www.yahoo.com/ - NONE/- text/html
1262018049.970 0 192.168.24.18 TCP_DENIED/407 3217 GET http://www.yahoo.com/ xxx NONE/- text/html
1262018051.810 0 192.168.24.18 TCP_DENIED/407 3219 GET http://www.yahoo.com/ kjhjkhd NONE/- text/html

# ./testparm
Loaded smb config files from /usr/local/samba/etc/smb.conf
lp_load: refreshing parameters from /usr/local/samba/etc/smb.conf
Processing section "[netlogon]"
Processing section "[sysvol]"
Processing section "[compartido]"
Loaded services file OK.
Press enter to see a dump of your service definitions

# Global parameters
[global]
    server role = domain controller
    workgroup = MYDOMAIN
    netbios name = PANTRO
    prefork children:smb = 4
    registry:hkey_users = hku.ldb
    registry:hkey_local_machine = hklm.ldb
    auth methods:standalone = anonymous sam_ignoredomain
    auth methods:member server = anonymous sam winbind
    auth methods:domain controller = anonymous sam_ignoredomain
    comment =
    path =
    ntvfs handler = unixuid, default
    read only = Yes
    create mask = 0744
    force create mode = 00
    directory mask = 0755
    force directory mode = 00
    hosts allow =
    hosts deny =
    max connections = -1
    strict sync = No
    case insensitive filesystem = No
    max print jobs = 1000
    printable = No
    printer name =
    map system = No
    map hidden = No
    map archive = Yes
    browseable = Yes
    csc policy = manual
    strict locking = Yes
    oplocks = Yes
    copy =
    include =
    available = Yes
    volume =
    fstype = NTFS
    msdfs root = No

[netlogon]
    path = /usr/local/samba/var/locks/sysvol/mydomain.lan/scripts
    read only = No

[sysvol]
    path = /usr/local/samba/var/locks/sysvol
    read only = No

[compartido]
    path = /home/compartido
    read only = No

[IPC$]
    comment = IPC Service (Samba 4.0.0alpha10)
    path = /tmp
    ntvfs handler = default
    browseable = No
    fstype = IPC

[ADMIN$]
    comment = DISK Service (Samba 4.0.0alpha10)
    path = /tmp
    browseable = No
    fstype = DISK

Thanks a lot!!!