Hi all, I am trying to get squid to work with ntlm_auth and I am getting this error in the logs user [KES7]\[broyles]@[UPP-TCH-BMR] failed due to [winbind client not authorized to use winbindd_pam_auth_crap. Ensure permissions on /var/cache/samba/winbindd_privileged are set correctly.] II have changed the perms so that squid group had rx and I was still getting the error (I had restarted squid and samba) So then I tried adding the squid user to a samba group and changing /var/cache/samba/winbindd_privileged so its got the group of samba But I am still getting the message.... any ideas Also I am running these on Gentoo on a IA-64 box Thanks, B. Royles Senior Technician King Edward VII School Glossop Road Sheffield S10 2PW TEL : 0114 2662518 FAX : 0114 2687690 DDI : 0114 2296570
>> I am trying to get squid to work with ntlm_auth and I am getting this >> error in the logs >> >> user [KES7]\[broyles]@[UPP-TCH-BMR] failed due to [winbind client not >> authorized to use winbindd_pam_auth_crap. Ensure permissions on >> /var/cache/samba/winbindd_privileged are set correctly.] >> >> >> >> II have changed the perms so that squid group had rx and I was still >> getting the error (I had restarted squid and samba) >> >> So then I tried adding the squid user to a samba group and changing >> /var/cache/samba/winbindd_privileged so its got the group of samba >> >> But I am still getting the message.... any ideas > >What user does your squid cache run as? Can you send a list of the >permissions of /var, /var/cache and everything inside/var/cache/samba?>Thanks for the reply. The squid user is squid and the squid group is squid. I forgot to include this in my last email but we are running samba version 3.0.24 and squid 2.6.12 Here is the details you requested. low-serv-proxy var # ls -lha total 512 drwxr-xr-x 13 root root 336 May 17 08:56 . drwxr-xr-x 19 root root 560 May 21 13:07 .. drwxr-xr-x 9 root root 224 May 17 09:00 cache drwxr-xr-x 3 root root 72 May 22 09:30 db drwxr-xr-x 2 root root 88 May 21 13:11 empty drwxr-xr-x 17 root root 432 May 17 10:44 lib drwxrwxr-x 3 root uucp 96 May 21 16:26 lock drwxr-xr-x 11 root root 424 May 17 10:46 log lrwxrwxrwx 1 root root 15 May 16 11:04 mail -> /var/spool/mail drwxr-xr-x 8 root root 424 May 22 09:45 run drwxr-xr-x 6 root root 168 May 16 17:06 spool drwxr-xr-x 2 root root 72 Apr 29 18:43 state drwxrwxrwt 4 root root 136 May 23 10:21 tmp drwxr-xr-x 3 apache root 80 May 17 09:00 www low-serv-proxy var # ls -lha /var/cache/ total 2.5K drwxr-xr-x 9 root root 224 May 17 09:00 . drwxr-xr-x 13 root root 336 May 17 08:56 .. drwxr-xr-x 2 apache apache 88 May 17 09:00 apache2 drwxr-xr-x 2 root lp 88 May 17 09:14 cups drwxr-xr-x 3 root portage 200 May 21 13:29 edb drwxr-xr-x 2 root root 240 May 16 16:30 fontconfig drwxrwxr-x 27 root man 688 May 16 12:41 man drwxr-x--- 5 root root 792 May 23 14:23 samba drwxr-xr-x 66 squid root 1.7K May 22 09:45 squid low-serv-proxy var # low-serv-proxy var # ls -lha /var/cache/samba/ total 289K drwxr-x--- 5 root root 792 May 23 14:24 . drwxr-xr-x 9 root root 224 May 17 09:00 .. -rwxr-x--- 1 root root 0 May 21 12:10 .keep_net-fs_samba-0 -rwxr-x--- 1 root root 8.0K May 21 12:24 account_policy.tdb -rwxr-x--- 1 root root 40K May 21 16:26 brlock.tdb -rw-r--r-- 1 root root 504 May 23 14:24 browse.dat -rwxr-x--- 1 root root 8.0K May 21 16:26 connections.tdb -rwxr-x--- 1 root root 8.0K May 21 12:26 gencache.tdb -rwxr-x--- 1 root root 8.0K May 21 12:24 group_mapping.tdb -rwxr-x--- 1 root root 40K May 21 16:26 locking.tdb -rwxr-x--- 1 root root 16K May 21 16:26 messages.tdb -rwxr-x--- 1 root root 8.0K May 21 12:34 netsamlogon_cache.tdb -rwxr-x--- 1 root root 8.0K May 21 12:24 ntdrivers.tdb -rwxr-x--- 1 root root 696 May 21 12:24 ntforms.tdb -rwxr-x--- 1 root root 8.0K May 21 12:24 ntprinters.tdb drwxr-x--- 2 root root 48 May 21 12:24 perfmon drwxr-x--- 2 root root 80 May 21 12:29 printing -rwxr-x--- 1 root root 16K May 21 12:24 registry.tdb -rwxr-x--- 1 root root 24K May 23 10:21 sessionid.tdb -rw------- 1 root root 8.0K May 23 10:21 share_info.tdb -rwxr-x--- 1 root root 16K May 22 08:08 unexpected.tdb -rwxr-x--- 1 root root 56K May 21 16:27 winbindd_cache.tdb -rwxr-x--- 1 root root 8.0K May 21 12:29 winbindd_idmap.tdb drwxr-x--- 2 root squid 72 May 21 16:26 winbindd_privileged Thanks Brett
B Royles escribi?:> Hi all, > > I am trying to get squid to work with ntlm_auth and I am getting this > error in the logs > > user [KES7]\[broyles]@[UPP-TCH-BMR] failed due to [winbind client not > authorized to use winbindd_pam_auth_crap. Ensure permissions on > /var/cache/samba/winbindd_privileged are set correctly.] > > > > II have changed the perms so that squid group had rx and I was still > getting the error (I had restarted squid and samba) > > So then I tried adding the squid user to a samba group and changing > /var/cache/samba/winbindd_privileged so its got the group of samba > > But I am still getting the message.... any ideas >see http://wiki.squid-cache.org/SquidFaq/ProxyAuthentication#head-fc6ce1ba7fd667059c8678732c2b5e67e20d1f58 anyway this question is more related to the squid list. Thanks Emilio C.