similar to: [squid-users] AD user Login + Squid Proxy + Automatic Authentication

Displaying 20 results from an estimated 11000 matches similar to: "[squid-users] AD user Login + Squid Proxy + Automatic Authentication"

2019 Aug 05
0
problems with authentication
Hai, I think this is an old bug.. ( pretty sure about it ) And i suggest to dont change anything except smb.conf. Your trying to use kerbereros usersname. wbinfo -a marcio at EMPRESA.COM.BR Enter marcio at EMPRESA.COM.BR's password: And you using: winbind use default domain = yes This is and old bug somewhere in 4.5/4/6 i believe. Only change these, yes only slows down you
2017 May 23
0
Problems with Samba 4.6.3 Authentication
For got to mention. If you dont have any certificates setup and not using tls. Set on the DC's. ldap server require strong auth = allow_sasl_over_tls Or ldap server require strong auth = no And you may need to enable NTLM v1 on the proxy also, but thats why i recommends kerberos auth. SO preffered imo, try to avoid any NTLM to improve your security. For NTLM v1 then you
2015 Aug 18
0
[squid-users] debian Jessie squid with auth (kerberos/ntlm/basic) ERROR type NTLM type 3
Hai Amos, Thank you for your very clear responce.. few small questions.. Is there a way to setup the proxy for the following. 1) use negotiate kerberos for auth, ( which is working already for all domain joined machines ) 2) use a fall back that works, for now basic ldap works for non windows machines, and domain joined machines. 3) use any other fallback way for authentication users on windows
2018 Apr 11
0
Question: Samba and YP-Yellow Pages relation.
Hai Fabricio, > Hello Louis, > I did all the tests and they worked, but here some questions. > > When using the wrapper with samba47, I see the squid tries > Kerberos, if it doesn't work, it goes for NTLM. Yes and no, read on you see why i say yes and no.. > If I use the wrapper for a machine that is NOT on a Domain, > it just fails, which is fine because the
2018 Sep 27
0
[OT?] passing group name with spaces to ntlm_auth...
Hai marco, More info on squid config might help here and no smb.conf.. Ahead of things... And you better use something like this, change to negotiate auth. ( and use SSO ). auth_param negotiate program /usr/lib/squid/negotiate_wrapper_auth \ --kerberos /usr/lib/squid/negotiate_kerberos_auth -s HTTP/proxy1.internal.domain.tld at REALM \ #Or if you dont have the SPN set. --kerberos
2015 Aug 18
0
[squid-users] debian Jessie squid with auth (kerberos/ntlm/basic) ERROR type NTLM type 3
... sorry wrong list.. but you can read it and learn from it.. :-)) Greetz, Louis >-----Oorspronkelijk bericht----- >Van: samba [mailto:samba-bounces at lists.samba.org] Namens >L.P.H. van Belle >Verzonden: dinsdag 18 augustus 2015 9:45 >Aan: samba at lists.samba.org >Onderwerp: Re: [Samba] [squid-users] debian Jessie squid with >auth (kerberos/ntlm/basic) ERROR
2018 Sep 27
1
[OT?] passing group name with spaces to ntlm_auth...
On Thu, 2018-09-27 at 12:27 +0200, L.P.H. van Belle via samba wrote: > Hai marco,  > > More info on squid config might help here and no smb.conf..  > Ahead of things...   > > And you better use something like this, change to negotiate auth. ( > and use SSO ).  > > auth_param negotiate program /usr/lib/squid/negotiate_wrapper_auth \ >     --kerberos
2018 Apr 06
1
Question: Samba and YP-Yellow Pages relation.
Hai, Someone called me called?? I did a quick read here in this thread.. The upn part is done, so your almost there. You need to make sure your DNS is working as it should. To check on the proxy with dig a hostname.FQDN. dig -x ip_the_server Test this for the DC hostnames/ips also. If that all ok, you can try these settings in squid # For squid ( works for me as of squid 3.2 up to 3.5
2017 May 22
4
Problems with Samba 4.6.3 Authentication
Hi, I have posted the following message to Squid-Users forum ( squid-users at lists.squid-cache.org). "I have migrated of Samba 4.2.1 to Samba 4.6.3 as DC, but now my Squid authentication doesn't work. In samba 4.2.1 is working properly. This is my authentication block: auth_param basic program /usr/lib/squid3/basic_ldap_auth -R -b DC=empresa,DC=com,DC=br -D
2018 Jun 08
2
samba4+squid3+ntlm
Hello: I have a squid3 with aunteticacion ntlm integrated to samba4 but in workstations with windows 8.1 constantly asked for the username and password and it does not let the user navigate, use debian 8 + samba 4.7.7, no idea because that happens in client with windows 7 works well. smb.conf workgroup = MYDOMINIO security = ads netbios name = srv-proxy server string = Servidor Proxy de
2019 Aug 13
3
winbind - frequent high CPU utilization
Hi. I use winbind + squid on Debian Buster to authenticate users + authorize them based on groups they are in. It all works, well, good, but winbind's CPU utilization peaks can reach up to 100%. The same solution ran OK on Debian Jessie with up to 20% CPU utilization at most. The configuration of Buster must have been updated based on the samba version leap/shift compared to Jessie. On
2015 Aug 05
0
LDAP bindpw password
Rowland, dont be to hard on the guy.. ;-) Sorry that i cant help out more atm but im in process of win7 to win 10 testing with samba, and mainwhile doing a rollout.. :-/ Here are some working examples on debian jessie.. with samba 4.1.7 debian. an apache2.4 kerberos auth example. AuthType Kerberos AuthName "Website Login" KrbMethodNegotiate On KrbMethodK5Passwd
2018 Sep 27
2
[OT?] passing group name with spaces to ntlm_auth...
I've not clear if is a squid or a samba/ntlm_auth trouble... indeed... In Squid i've added: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --domain=LNFFVG --require-membership-of='LNFFVG\Domain Users' auth_param ntlm children 5 but in 'cache.log' i got: Winbindd lookupname failed to resolve 'LNFFVG\Domain into a SID! Winbindd
2014 Dec 18
0
Samba 4 with squid3 (--helper-protocol=gss-spnego )
Hai, ? Im know this might not be the place to ask, but im doing it anyway..? ;-) ? Im testing an debian Jessie server with squid3 ( 3.4.8 ) Its running Debian Samba 4.1.13 with winbind. ? Im having troubles, to get the squid auth working. So my question is is someone here using kerberos authentication on squid. ( 3.4.x ) Or someone who is using the gss-spnego helper protocol. ? Im using this
2016 Dec 28
1
Error with samba update in debian.
And i forgot to mention.   This is what i have for my squid.   auth_param negotiate program /usr/lib/squid/negotiate_wrapper_auth \     --kerberos /usr/lib/squid/negotiate_kerberos_auth -s HTTP/proxy.internal.domain.tld at REALM \     --ntlm /usr/bin/ntlm_auth --helper-protocol=gss-spnego --domain=NTDOMAIN   See the ntlm line. =>  --helper-protocol=gss-spnego     Greetz,  
2005 Apr 05
0
RE: [squid-users] IE improperly prompts for credentials; ntlm_auth with Samba 3.0.13, Squid 2.5.STABLE7, RedHat Linux 9.0, SmartFilter 4.01; ticket number 48293
YES!!!!!!!!!!!!!!! HOT DOGGIES!!!!!!!!!!!!!!!!!!!!! I think I fixed it. The problem - Squid worked at my test site - it did not popup a login window, but instead used Ssamba's ntlm helper program to get credentials from IE. But at my customer site it did (improperly) popup a login window. The squid.conf files were almost identical - even to the point where my working test site incorrectly
2005 Jun 17
0
NTLM, Squid & default domain
Morning all, Im trying to resolve a problem with the way a new squid server im building handles NTLM authentication for Windows clients that arent part of the default domain. I have two groups of PCs. The first group of PC's are in the same domain as my squid server (which obviously has a working samba running on it as well). This first group of PC's are using NTLM authentication in
2004 Nov 29
0
[newbie] SQUID/SAMBA problems with NTLM_Auth
Hello, I havn't gotten an answer over on the squid usergroup - so I'm hoping someone can help me here. SUSE - 9.1 SQUID - 2.5.STABLE5 SAMBA - 3.0.2a-SUSE (the one that came with SUSE Installer by YAST) I have set up squid, samba, got the winbind to work great Wbinfo -t, -u, -g all work great Squid also worked great until I tried to tie in NTLM_Auth If I authenticate using
2009 Jun 25
0
ADS auth for squid
Hi, I've already tried this in a squid list, but no response so maybe my problem is related to my squid conf. I'm setting up a squid proxy to auth against our 2003 ADS I have ntlm working so it authenticates both transparently to the user and using domain\username login. My Problem is getting squid to auth with just the username not requiring the domain\ part. The docs say I need
2005 Apr 07
2
Samba-Squid-AD: Error returned 'BH NT_STATUS_ACCESS_DENIED'
Hi everybody, I setup squid-2.5.STABLE9 with samba-3.0.13 to use winbind authentication over a Windows 2003 Active Directory. Web users' authentication from my proxy server box succeedes. But when a remote user try to authenticate himself, authentication failes and Squid return the following: authenticateNTLMHandleReply: Error validating user via NTLM. Error returned 'BH