search for: max_challenge_lifetime

Displaying 19 results from an estimated 19 matches for "max_challenge_lifetime".

2006 Sep 12
1
Multiple Group checking using ntlm_auth
....21b We have it setup to use NTLM to check that the user belongs to a group within the domain. The need has arrisen to be able to support multiple groups. Is this possible? Our squid.conf section: auth_param ntlm program /ntlm_auth.sh ntlmssp auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param ntlm children 20 auth_param ntlm use_ntlm_negotiate on auth_param basic program /ntlm_auth.sh basic auth_param basic children 20 auth_param basic realm SERVER.DOMAIN.CO.ZA Cache NTLM Authentication auth_param basic credentialsttl 2 hours Our smb.conf: [global] winbind separato...
2005 Oct 31
1
NTLM Problems
Hi, I am running squid and samba to auth users against a 2003 domain. My squid setup is something like this: auth_param ntlm program /usr/local/libexec/squid/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param ntlm children 2 auth_param basic program /usr/local/libexec/squid/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 2 auth_param basic realm Cache NTLM Authentication auth_param basic credentialsttl 2 hours I then join the domain as follows: Net join -...
2003 Dec 18
2
ntlm_auth problem in Squid 2.5
...15:36:48, 0] utils/ntlm_auth.c:manage_squid_ntlmssp_request(375) NTLMSSP BH: NT_STATUS_ACCESS_DENIED squid.conf settings are: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp -d 10 auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes I don't understand why it would complain about the winbindd_privileged directory when I've changed the permissions to it as follows: drwxr-x--- 2 root squid 72 Dec 18 14:54 winbindd_privileged/ I'm not sure what the line "not authorized to use winbind...
2005 Apr 05
0
RE: [squid-users] IE improperly prompts for credentials; ntlm_auth with Samba 3.0.13, Squid 2.5.STABLE7, RedHat Linux 9.0, SmartFilter 4.01; ticket number 48293
...-caching web server #auth_param basic credentialsttl 2 hours auth_param basic casesensitive off # Customer specific configs auth_param ntlm program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 30 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours auth_param basic casesensitive off . . . Here is the relevant part from a d...
2003 Oct 29
3
[Fwd: [squid-users] NTLM Authentication Problem]
...--enable-cache-digests --enable-kill-parent-hack --disable-ident-lookups authentication in squid.conf configured as: auth_param ntlm program /usr/local/samba/bin/ntlm_auth -d 10 --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes # auth_param basic program /usr/local/samba/bin/ntlm_auth -d 10 --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Highmark Proxy Server auth_param basic credentialsttl 2 hours acl internet proxy_auth REQUIRED http_access allow internet http_access deny...
2003 Jun 04
0
Spurious auth failures with 2.5S3 + wb_ntlm
.... I have witnessed this behaviour occuring with IE 5.5 & 6 running on Win98, 2000 and XP. Relevant parts of the configuration files: == squid.conf == auth_param ntlm program /usr/local/squid/libexec/wb_ntlmauth auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes == smb.conf == workgroup = MYGROUP password server = MYPDC security = domain winbind uid = 10000-20000 winbind gid = 10000-20000 winbind use default domain = yes $ ./wbinfo -a MYGROUP\\steve%password plaintext password authentication succeeded challenge/response password authentication...
2004 Nov 29
0
[newbie] SQUID/SAMBA problems with NTLM_Auth
...If I authenticate using /usr/bin/ntlm_auth --username=administrator It authenticates perfectly. I have this in my squid.conf auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 45 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours And my ACL's acl all src 0.0.0.0/0.0.0.0 acl localhost src 127.0.0.1/255....
2005 Jun 17
0
NTLM, Squid & default domain
...anyone suggest where I should be looking to make it work? squid.conf lines look like: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of=ourdomainame\\ourgroupname auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 20 minutes auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of=ourdomainame\\ourgroupname auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours Ill post my smb.conf if its asked f...
2006 Mar 23
0
squid + external_acl_type + wbinfo_group.pl, Help needed
...ase Help Following is my present squid configuration squid-2.5.STABLE6-3.4E.11 ========================================================= auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 30 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes external_acl_type nt_group ttl=0 concurrency=5 %LOGIN /usr/lib/squid/wbinfo_group.pl acl unrestrictedusers external nt_group internet http_access allow unrestrictedusers ========================================================== samba-3.0.21c-1 [global] workgroup = DNA server st...
2005 Sep 30
1
Trouble with ntlm_auth
...ls every time. Below are the config lines I'm using: # Experimental Domain Authentication auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of=MERCURY\WebAccess auth_param ntlm children 30 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of=MERCURY\WebAccess auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours acl AuthorizedUsers proxy_auth REQUIRED http_...
2005 Oct 25
1
NTLM auth problems.
...I can then view users and groups, but with custom setting it doesn't get this far because the net join fails. My squid config looks like this: auth_param ntlm program /usr/local/libexec/squid/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param ntlm children 2 auth_param basic program /usr/local/libexec/squid/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 2 auth_param basic realm Cache NTLM Authentication auth_param basic credentialsttl 2 hours Anyone got any suggestions? Im totally lost.. Tha...
2005 Nov 07
4
Urgent Samba / Squid NTLM Auth Problems
...is correct as we tried this numerous times and we also tried copy pasting the password into the required field. Our squid.conf looks like this: auth_param ntlm program /usr/local/libexec/squid/ntlm_auth --helper-protocol=squid-2.5-ntlmssp -d9 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param ntlm children 2 auth_param basic program /usr/local/libexec/squid/ntlm_auth --helper-protocol=squid-2.5-basic -d9 auth_param basic children 2 auth_param basic realm Cache NTLM Authentication auth_param basic credentialsttl 2 hours Anyone have any idea as to why that would happ...
2005 Apr 07
2
Samba-Squid-AD: Error returned 'BH NT_STATUS_ACCESS_DENIED'
...5.conf files to much my AD domain settings. I joined the domain. My squid.conf file containes the following: auth_param ntlm program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours acl a...
2004 Nov 24
0
Upgrade from 3.0.7 to 3.0.8 breaks winbind
...alidating user via NTLM. Error returned 'BH NT_STATUS_ACCESS_DENIED' The relevent config in squid.conf for this is like so: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours So I checked to see if kerberos was working still. Running 'kinit adminstrator@S...
2006 Jun 26
1
samba 3.0.20 + squid 2.5 : automatic logon with internet explorer
hello, samba is setup PDC with ldap client : windows xp pro sp2 server : samba 3.0.20 + openldap 2.2 + squid 2.5stable14 + squidGuard is it possible to create an automatic logon with internet explorer ? perhaps with ntlm_auth, but i can't find the good sentence. thanks.
2005 Apr 04
1
IE improperly prompts for credentials; ntlm_auth with Samba 3.0.13, Squid 2.5.STABLE7, RedHat Linux 9.0, SmartFilter 4.01
...roxy-caching web server #auth_param basic credentialsttl 2 hours auth_param basic casesensitive off # Site specific configs auth_param ntlm program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 30 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours . . . # # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS #...
2003 Nov 11
1
ntlm_auth and squid authentication problems
...US_OK: Success (0x0) then, configure my squid to work with ntlm_auth, so squid.conf will be: auth_param ntlm program /usr/squid/libexec/ntlm_auth --debug-level=10 --helper-protocol=squid-2.5-nt lmssp --nt-response auth_param ntlm children 40 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/squid/libexec/ntlm_auth --debug-level=10 --helper-protocol=squid-2.5-ba sic --nt-response auth_param basic children 40 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours Ok ? that's ok. then I open my IE6, lat...
2003 Apr 07
3
Solaris 8 and winbindd/wbinfo
Hi All, I cannot get my Samba server 2.2.8 working with winbind correctly on Solaris 8. I intend to use this to transparently authenticate squid 2.5stable2. I compiled samba using gcc 2.95.3. configure options were ./configure --with-winbind-auth-challenge --with-winbind --with-pam root# ./wbinfo -t Secret is good root# ./wbinfo -u 0xc0000022 The same thing with wbinfo -g. getent group
2005 Apr 05
0
Informal HOWTO - transparent authentication and optional outbound web filtering using Samba 3.0.13, Squid 2.5.STABLE7, SmartFilter 4.01, RedHat 9.0 in a Win2003 AD domain
...r this string: TAG: auth_param Skip down through the explanatory comments and put in the following changes in this order: auth_param ntlm program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 30 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours Note that the template squid.conf file has several references to auth_para...