search for: max_challenge_lifetime

....21b We have it setup to use NTLM to check that the user belongs to a group within the domain. The need has arrisen to be able to support multiple groups. Is this possible? Our squid.conf section: auth_param ntlm program /ntlm_auth.sh ntlmssp auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param ntlm children 20 auth_param ntlm use_ntlm_negotiate on auth_param basic program /ntlm_auth.sh basic auth_param basic children 20 auth_param basic realm SERVER.DOMAIN.CO.ZA Cache NTLM Authentication auth_param basic credentialsttl 2 hours Our smb.conf: [global] winbind separato...

Hi, I am running squid and samba to auth users against a 2003 domain. My squid setup is something like this: auth_param ntlm program /usr/local/libexec/squid/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param ntlm children 2 auth_param basic program /usr/local/libexec/squid/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 2 auth_param basic realm Cache NTLM Authentication auth_param basic credentialsttl 2 hours I then join the domain as follows: Net join -...

...15:36:48, 0] utils/ntlm_auth.c:manage_squid_ntlmssp_request(375) NTLMSSP BH: NT_STATUS_ACCESS_DENIED squid.conf settings are: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp -d 10 auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes I don't understand why it would complain about the winbindd_privileged directory when I've changed the permissions to it as follows: drwxr-x--- 2 root squid 72 Dec 18 14:54 winbindd_privileged/ I'm not sure what the line "not authorized to use winbind...

...-caching web server #auth_param basic credentialsttl 2 hours auth_param basic casesensitive off # Customer specific configs auth_param ntlm program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 30 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours auth_param basic casesensitive off . . . Here is the relevant part from a d...

...--enable-cache-digests --enable-kill-parent-hack --disable-ident-lookups authentication in squid.conf configured as: auth_param ntlm program /usr/local/samba/bin/ntlm_auth -d 10 --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes # auth_param basic program /usr/local/samba/bin/ntlm_auth -d 10 --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Highmark Proxy Server auth_param basic credentialsttl 2 hours acl internet proxy_auth REQUIRED http_access allow internet http_access deny...

.... I have witnessed this behaviour occuring with IE 5.5 & 6 running on Win98, 2000 and XP. Relevant parts of the configuration files: == squid.conf == auth_param ntlm program /usr/local/squid/libexec/wb_ntlmauth auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes == smb.conf == workgroup = MYGROUP password server = MYPDC security = domain winbind uid = 10000-20000 winbind gid = 10000-20000 winbind use default domain = yes $ ./wbinfo -a MYGROUP\\steve%password plaintext password authentication succeeded challenge/response password authentication...

...If I authenticate using /usr/bin/ntlm_auth --username=administrator It authenticates perfectly. I have this in my squid.conf auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 45 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours And my ACL's acl all src 0.0.0.0/0.0.0.0 acl localhost src 127.0.0.1/255....

...anyone suggest where I should be looking to make it work? squid.conf lines look like: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of=ourdomainame\\ourgroupname auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 20 minutes auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of=ourdomainame\\ourgroupname auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours Ill post my smb.conf if its asked f...

...ase Help Following is my present squid configuration squid-2.5.STABLE6-3.4E.11 ========================================================= auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 30 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes external_acl_type nt_group ttl=0 concurrency=5 %LOGIN /usr/lib/squid/wbinfo_group.pl acl unrestrictedusers external nt_group internet http_access allow unrestrictedusers ========================================================== samba-3.0.21c-1 [global] workgroup = DNA server st...

...ls every time. Below are the config lines I'm using: # Experimental Domain Authentication auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of=MERCURY\WebAccess auth_param ntlm children 30 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of=MERCURY\WebAccess auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours acl AuthorizedUsers proxy_auth REQUIRED http_...

...I can then view users and groups, but with custom setting it doesn't get this far because the net join fails. My squid config looks like this: auth_param ntlm program /usr/local/libexec/squid/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param ntlm children 2 auth_param basic program /usr/local/libexec/squid/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 2 auth_param basic realm Cache NTLM Authentication auth_param basic credentialsttl 2 hours Anyone got any suggestions? Im totally lost.. Tha...

...is correct as we tried this numerous times and we also tried copy pasting the password into the required field. Our squid.conf looks like this: auth_param ntlm program /usr/local/libexec/squid/ntlm_auth --helper-protocol=squid-2.5-ntlmssp -d9 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param ntlm children 2 auth_param basic program /usr/local/libexec/squid/ntlm_auth --helper-protocol=squid-2.5-basic -d9 auth_param basic children 2 auth_param basic realm Cache NTLM Authentication auth_param basic credentialsttl 2 hours Anyone have any idea as to why that would happ...

...5.conf files to much my AD domain settings. I joined the domain. My squid.conf file containes the following: auth_param ntlm program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours acl a...

...alidating user via NTLM. Error returned 'BH NT_STATUS_ACCESS_DENIED' The relevent config in squid.conf for this is like so: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours So I checked to see if kerberos was working still. Running 'kinit adminstrator@S...

hello, samba is setup PDC with ldap client : windows xp pro sp2 server : samba 3.0.20 + openldap 2.2 + squid 2.5stable14 + squidGuard is it possible to create an automatic logon with internet explorer ? perhaps with ntlm_auth, but i can't find the good sentence. thanks.

...roxy-caching web server #auth_param basic credentialsttl 2 hours auth_param basic casesensitive off # Site specific configs auth_param ntlm program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 30 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours . . . # # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS #...

...US_OK: Success (0x0) then, configure my squid to work with ntlm_auth, so squid.conf will be: auth_param ntlm program /usr/squid/libexec/ntlm_auth --debug-level=10 --helper-protocol=squid-2.5-nt lmssp --nt-response auth_param ntlm children 40 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/squid/libexec/ntlm_auth --debug-level=10 --helper-protocol=squid-2.5-ba sic --nt-response auth_param basic children 40 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours Ok ? that's ok. then I open my IE6, lat...

Hi All, I cannot get my Samba server 2.2.8 working with winbind correctly on Solaris 8. I intend to use this to transparently authenticate squid 2.5stable2. I compiled samba using gcc 2.95.3. configure options were ./configure --with-winbind-auth-challenge --with-winbind --with-pam root# ./wbinfo -t Secret is good root# ./wbinfo -u 0xc0000022 The same thing with wbinfo -g. getent group

...r this string: TAG: auth_param Skip down through the explanatory comments and put in the following changes in this order: auth_param ntlm program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 30 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours Note that the template squid.conf file has several references to auth_para...