[Comm] squid & wb_ntlmauth troubles - Konstantin V. Gaidukov

ALT Linux Community general discussions
 help / color / mirror / Atom feed

From: "Konstantin V. Gaidukov" <gkv@oskolmet.ru>
To: community@altlinux.ru
Subject: [Comm] squid & wb_ntlmauth troubles
Date: Fri, 06 Jun 2003 12:31:06 +0400
Message-ID: <3EE0514A.4070905@oskolmet.ru> (raw)
In-Reply-To: <3EE03EAF.7050104@symmetron.msk.ru>

Никак не получается прикрутить squid для авторизациии через домен W2k

------------------------------------- smb.conf 
----------------------------------
   workgroup = OMG
    log file = /var/log/samba/log.%m
    max log size = 50
    hosts allow = 192.168.1. 10.0.0. 127.
    security = domain
    password server = oscar pc-43
    encrypt passwords = yes
    winbind uid = 10000-20000
    winbind gid = 10000-20000
    winbind enum users = yes
    winbind enum groups = yes
    winbind separator = "\"
    winbind use default domain = yes
    dns proxy = no
    template homedir = /home/samba/temp/%D/%U
    template shell = /bin/bash

-----------------------------------squid.conf----------------------------------------
auth_param ntlm program /path/wb_ntlmauth
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

auth_param basic program /usr/local/squid/libexec/wb_auth
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

acl MyUser proxy_auth REQUIRED
acl all src 0.0.0.0/0.0.0.0
acl MyNet src 192.168.1.0/255.255.255.0

http_access allow MyUser
http_access allow MyNet
http_access deny all
------------------------------------
winbind прикручен:
#wbinfo -t
Secret is good
#wbinfo -a domain\\user%password
OK!
#/path/wb_auth -d
 >domain\user password
OK!

При присоединении клиента через IE, выдается окно для ввода пароля, но 
!!!!!
вводим правильный пароль - в доступе отказано.
Если поменять ntlm и basic местами - выдается окно ввода пароля и 
авторизация проходит успешно.
При входе в интернет через Mozill'у для виндов - сразу окно ввода пароля 
- и авторизация проходит успешно.

Squid 2.5, причем не только в ALT'овской сборке, но самосбор STABLE2 / 
STABLE3
Samba 2.2.7 ALT (стандарт из ALT Master 2.2)

next prev parent reply	other threads:[~2003-06-06  8:31 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-06-05  8:05 [Comm] NAT Кочетков Владимир
2003-06-05 11:32 ` Mike Lykov
2003-06-05 11:45 ` Andriy Dobrovol's'kii
2003-06-06  7:02   ` Re[2]: " Кочетков Владимир
2003-06-06  7:11     ` Владимир
2003-06-06  7:42       ` Konstantin V. Gaidukov
2003-06-06  8:26         ` Andriy Dobrovol's'kii
2003-06-06  8:31       ` Konstantin V. Gaidukov [this message]
2003-06-06  9:37       ` Re[2]: " Кочетков Владимир
2003-06-06 10:34         ` Alexander Simernin
2003-06-06 11:04         ` Владимир
2003-06-09  6:18           ` Re[2]: " Кочетков Владимир
2003-06-09  7:35             ` Andriy Dobrovol's'kii
2003-06-09  8:11               ` Re[2]: " Кочетков Владимир
2003-06-09  9:00                 ` Andriy Dobrovol's'kii
2003-06-09  9:32                   ` Re[2]: " Кочетков Владимир
2003-06-09  9:49                     ` Andriy Dobrovol's'kii
2003-06-09 10:11                       ` Re[2]: " Кочетков Владимир
2003-06-09 10:38                         ` Andriy Dobrovol's'kii
2003-06-10  6:01                         ` Alexander Vasiliev
2003-06-09 10:14                 ` Re[2]: " Yuri Hramov
2003-06-06 11:08         ` Konstantin V. Gaidukov
2003-06-06 11:36         ` Re[2]: " Yuri Hramov
2003-06-06 11:40         ` Yuri Hramov
2003-06-07 11:46           ` Igor Solovyov
2003-06-09  6:19           ` Re[4]: " Кочетков Владимир
2003-06-09  9:45             ` Yuri Hramov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3EE0514A.4070905@oskolmet.ru \
    --to=gkv@oskolmet.ru \
    --cc=community@altlinux.ru \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

ALT Linux Community general discussions

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 community community/ http://lore.altlinux.org/community \
		mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com
	public-inbox-index community

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://lore.altlinux.org/org.altlinux.lists.community


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git