similar to: ADS auth for squid

Hai, I think this is an old bug.. ( pretty sure about it ) And i suggest to dont change anything except smb.conf. Your trying to use kerbereros usersname. wbinfo -a marcio at EMPRESA.COM.BR Enter marcio at EMPRESA.COM.BR's password: And you using: winbind use default domain = yes This is and old bug somewhere in 4.5/4/6 i believe. Only change these, yes only slows down you

Hello to all, I'm having problem using this enviroment: Squid 2.7.STABLE7 Samba 3.4.7 Squid.conf auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 auth_param ntlm keep_alive on auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param basic children 5 auth_param basic realm Squid proxy-caching web

Hello there. I'm try to configure squid3 with samba4-alpha-10 autentication. My samba4 pdc work fine with a simple smb.conf: [globals] netbios name = PANTRO workgroup = MYDOMAIN realm = MYDOMAIN.LAN server role = domain controller [netlogon] path = /usr/local/samba/var/locks/sysvol/mydomain.lan/scripts read only = no

Hai Fabricio, > Hello Louis, > I did all the tests and they worked, but here some questions. > > When using the wrapper with samba47, I see the squid tries > Kerberos, if it doesn't work, it goes for NTLM. Yes and no, read on you see why i say yes and no.. > If I use the wrapper for a machine that is NOT on a Domain, > it just fails, which is fine because the

More information: Macchine [LOJA09A] is my proxy Squid with ntlm, is dont working now... Winbind is ok(list user and group), but not autenticatio!! Squid auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 25 startup=0 idle=1 auth_param ntlm keep_alive on auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic

Hai Amos, Thank you for your very clear responce.. few small questions.. Is there a way to setup the proxy for the following. 1) use negotiate kerberos for auth, ( which is working already for all domain joined machines ) 2) use a fall back that works, for now basic ldap works for non windows machines, and domain joined machines. 3) use any other fallback way for authentication users on windows

Hi! I upgrade for Samba 4 8.2 my 3 DCs(no ore erro, and replication is ok with kcc), but msg about Squid with NTLM persist, and dont work more... May 18 11:50:43 DC3 samba: conn[named_pipe] c[unix:] s[unix:/opt/samba/var/run/ncalrpc/np/netlogon] server_id[2157][2157]:   schannel_check_required: [LOJA09A] is not using schannel Any ideia ? Regards; On 18-05-2018 12:24, Carlos wrote: >

Hi all, please cc me, i'm not on the list. Second: All google findable information about problems setting up ntlm_auth for squid with winbind are read and checked more than three times. After breaking a running setup under debian squeeze, i go back to debian lenny to circumvent the actual MIT kerberos problem[1]. [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566977#57 Now i

... sorry wrong list.. but you can read it and learn from it.. :-)) Greetz, Louis >-----Oorspronkelijk bericht----- >Van: samba [mailto:samba-bounces at lists.samba.org] Namens >L.P.H. van Belle >Verzonden: dinsdag 18 augustus 2015 9:45 >Aan: samba at lists.samba.org >Onderwerp: Re: [Samba] [squid-users] debian Jessie squid with >auth (kerberos/ntlm/basic) ERROR

Hi all, I have samba4.2 (Version 4.2.0pre1-GIT-6d2f56d) as AD domain controller. Some users can only logon to specific window workstation. Now, we want to configure the samba AD as the user authentication of squid. I use the following configuration in squid. The users without workstation limitation can successfully authenticate to squid, but the user with workstation limitation cannot.

Hello: I have a squid3 with aunteticacion ntlm integrated to samba4 but in workstations with windows 8.1 constantly asked for the username and password and it does not let the user navigate, use debian 8 + samba 4.7.7, no idea because that happens in client with windows 7 works well. smb.conf workgroup = MYDOMINIO security = ads netbios name = srv-proxy server string = Servidor Proxy de

Hi people: I have a winbind 3.2.5 running on a box to authenticate users in my squid. My PDC is a samba 3.0.24 and it stores users on ldap. I have aprox 500 users and when they all use the squid my winbind generates a lot of traffic to my pdc box causing high load on the smb process that talks to the winbind... killing the performance of the squid. Is there anyway to reduce this traffic? Why

Hi, I'm struggling to get squid+ntlm_auth working correctly. I have successfully joined the domain, and I am able to successfully enumerate groups and users using wbinfo. I can also successfully run "wbinfo -a." However, once I configure Squid to use ntlm_auth per: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --debug-level=10 --nt-response

YES!!!!!!!!!!!!!!! HOT DOGGIES!!!!!!!!!!!!!!!!!!!!! I think I fixed it. The problem - Squid worked at my test site - it did not popup a login window, but instead used Ssamba's ntlm helper program to get credentials from IE. But at my customer site it did (improperly) popup a login window. The squid.conf files were almost identical - even to the point where my working test site incorrectly

Hai, Someone called me called?? I did a quick read here in this thread.. The upn part is done, so your almost there. You need to make sure your DNS is working as it should. To check on the proxy with dig a hostname.FQDN. dig -x ip_the_server Test this for the DC hostnames/ips also. If that all ok, you can try these settings in squid # For squid ( works for me as of squid 3.2 up to 3.5

This turned into the mother of all system integration exercises and I **almost** have it working. I am trying to set up proxy authorization using: RedHat Linux 9.0, MIT Kerberos 1.4 built from source, Samba 3.0.13 built from source, Squid 2.5.STABLE7 built from source SmartFilter 4.01. Active Directory with Windows 2003 Why not use RPMs? Well - ADS support for Windows 2003 needs

Hi, We are running Squid version: 2.5.STABLE13 and Samba version: Version 3.0.21b We have it setup to use NTLM to check that the user belongs to a group within the domain. The need has arrisen to be able to support multiple groups. Is this possible? Our squid.conf section: auth_param ntlm program /ntlm_auth.sh ntlmssp auth_param ntlm max_challenge_reuses 0 auth_param ntlm

The most simple way to add SSO. ? Install winbind krb5-user, then?your smb.conf,? update this config : [global] ??? # Auth-Only setup with winbind. ( no Shares ) ????log level = 1 ??? workgroup = NTDOM ??? security = ADS ??? realm = YOUR-REALM ??? netbios name = HOSTNAME ? ??? preferred master = no ??? domain master = no ??? host msdfs = no ??? dns proxy = yes ? ??? interfaces = eth0 lo ??? bind

Morning all, Im trying to resolve a problem with the way a new squid server im building handles NTLM authentication for Windows clients that arent part of the default domain. I have two groups of PCs. The first group of PC's are in the same domain as my squid server (which obviously has a working samba running on it as well). This first group of PC's are using NTLM authentication in

Hi all, I'm having trouble getting ntlm_auth working with the "--require-membership-of=" option. I did rebuild the Samba RPM so that it had the --enable-auth="ntlm,basic" and --enable-external-acl-helpers="wbinfo_group" settings. The command line test for the squid-2.5-basic protocol returns an "OK". The one using the squid-2.5-ntlmssp protocol