Re: [squid-users] Re: squid_ldap_group authorisation of 2000 AD Groups
On Fri, 2004-12-03 at 00:14, Adam Aube wrote: There is support for NTLM (aka Windows Integrated Authentication), but it has some limitations: 1) It only fully works with IE AFAIK Mozilla Firefox supports it, both on MSWindows and on Non-MSWindows platforms. Of course, on Firefox it is (rightfully so if you ask me) non-transparent. 2) NTLM-over-HTTP is horribly broken - see the list archives for details I can testimony to that. Kinkie
Re: [squid-users] Re: squid_ldap_group authorisation of 2000 AD Groups
Hi, At 13.47 05/12/2004, Kinkie wrote: On Fri, 2004-12-03 at 00:14, Adam Aube wrote: There is support for NTLM (aka Windows Integrated Authentication), but it has some limitations: 1) It only fully works with IE AFAIK Mozilla Firefox supports it, both on MSWindows and on Non-MSWindows platforms. Of course, on Firefox it is (rightfully so if you ask me) non-transparent. On Windows latest Firefox seems to works transparently using logged-in user credentials like IE. 2) NTLM-over-HTTP is horribly broken - see the list archives for details I can testimony to that. Me too ... :-) Regards Guido - Guido Serassio Acme Consulting S.r.l. - Microsoft Certified Partner Via Gorizia, 69 10136 - Torino - ITALY Tel. : +39.011.3249426 Fax. : +39.011.3293665 Email: [EMAIL PROTECTED] WWW: http://www.acmeconsulting.it/
[squid-users] Cache Hits: 0.00000
I am either having a problem or my machine is faster than lightning :-) I am running: Squid Cache: Version 2.5.STABLE7 configure options: --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man --infodir=/usr/share/info --exec_prefix=/usr --bindir=/usr/sbin --libexecdir=/usr/lib/squid --localstatedir=/var --sysconfdir=/etc/squid --enable-poll --enable-snmp --enable-removal-policies=heap,lru --enable-storeio=aufs,coss,diskd,null,ufs --enable-ssl --with-openssl=/usr/kerberos --enable-delay-pools --enable-linux-netfilter --with-pthreads --enable-useragent-log --enable-referer-log --disable-dependency-tracking --enable-cachemgr-hostname=localhost --disable-ident-lookups --enable-truncate --enable-underscores --datadir=/usr/share compiled from source on a freshly installed Fedora Core 3 system with the following specs: Dell 6550 dual Intel(R) Xeon(TM) MP CPU 2.70GHz - 512 KB cache and 3G Ram with 3 disks in Raid5 (quite a sweet machine) Well it seems that something is quite wrong. Cache Hits:0.0 0.0 Is this possible? Median Service Times (seconds) 5 min60 min: HTTP Requests (All): 0.00562 0.05331 Cache Misses: 0.18699 0.14252 Cache Hits:0.0 0.0 Near Hits: 0.0 0.12783 Not-Modified Replies: 0.0 0.0 DNS Lookups: 0.06364 0.00190 ICP Queries: 0.0 0.0 Also I'd like to know why is my 50G /cache never filling up. I have the following settings: cache_mem 512 MB cache_dir ufs /cache 5 16 256 I'd like to use the whole 100G someday but I am noticing that no matter what I can't even fill 50% of my 50G /cache On the above note, I am trying to maximize speed since I have a very large pipe to the internet. Any recommendations or suggestions? Thank you guys! _ Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Re: [squid-users] Re: squid_ldap_group authorisation of 2000 AD Groups
Serassio Guido wrote: Hi, At 13.47 05/12/2004, Kinkie wrote: On Fri, 2004-12-03 at 00:14, Adam Aube wrote: There is support for NTLM (aka Windows Integrated Authentication), but it has some limitations: 1) It only fully works with IE AFAIK Mozilla Firefox supports it, both on MSWindows and on Non-MSWindows platforms. Of course, on Firefox it is (rightfully so if you ask me) non-transparent. On Windows latest Firefox seems to works transparently using logged-in user credentials like IE. 2) NTLM-over-HTTP is horribly broken - see the list archives for details I can testimony to that. Me too ... :-) Regards Guido Hmmm... this doesn't bode well for what I am trying to do. However it is working at the moment. My only problem is that the users to be authenticated/authorised are in different OUs. How can I get squid_ldap_group to work with users in different OUs? I set the Base DN to be at the level in the tree below the OUs but I don't think the search filter can construct the user DN from the base DN and the filter. Any advice? Regards, Oliver
[squid-users] ./squid_ldap_auth command says bash: ./squid_ldap_auth: No such file or directory
Dear all, I was trying to test my squid_ldap_auth from the terminal as shown below but the outcome was bad: *./squid_ldap_auth -P -R -b 'dc=shinyang,dc=com dc=my' -D 'cn=admin,dc=shinyang,dc=com dc=my' -w password -f 'cn=%s' -h 172.16.0.21 bash: ./squid_ldap_auth: No such file or directory *As seen above, it responded with bash: ./squid_ldap_auth:no such file or directory I read from somwhere, if I type ./squid_ldap_auth at least there should be something proper or some prompt come out, but this just say bash.. Anyone knows why? I do have squid_ldap_auth comes with the RH distribution in /usr/lib/squid/sauid_ldap_auth Please help...thanks in advnace... * *
Re: [squid-users] Windows Update Parent Cache Problem
On Sat, 4 Dec 2004 19:36:20 +0100, Martin Loehnertz [EMAIL PROTECTED] wrote: Hello, Windows Update has funny problems with the use of parent caches. I use some exotic setup so I describe it first. 2 Computers, 1 Mac, 1 Windows, squid runnig on the Mac, Mode 1: Mac connected to internet by 56k modem, everything (including WU throgh squid) works fine Mode 2: Windows connected to satellite-connection running special satellite-proxy, request are send out over 56k modem of Mac, answer by satellite to pci-card in Windows; squid running on the mac with satellite-proxy as default parent cache, surfing fine, Windowsupdate fails Now the funny part: If I copy the URL WU requested from squid's access.conf and enter it into my browser on the Mac, the file starts to download. Now i kick WU again and it works - and keeps working for this file even after canceling the browser request. Some ideas ? Do you mean after canceling the browser request in mac? Venkatesh K
[squid-users] Re: ./squid_ldap_auth command says bash: ./squid_ldap_auth: No such file or directory
Yong Bong Fong wrote: ./squid_ldap_auth -P -R -b 'dc=shinyang,dc=com dc=my' -D 'cn=admin,dc=shinyang,dc=com dc=my' -w password -f 'cn=%s' -h 172.16.0.21 bash: ./squid_ldap_auth: No such file or directory I do have squid_ldap_auth comes with the RH distribution in /usr/lib/squid/sauid_ldap_auth The ./ tells the shell look in the current directory. I'm guessing you weren't in the /usr/lib/squid directory when you did this. Do a cd /usr/lib/squid and try again. Does it work? Adam
RE: [squid-users] Cache Hits: 0.00000
I am either having a problem or my machine is faster than lightning :-) I am running: Squid Cache: Version 2.5.STABLE7 configure options: --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man --infodir=/usr/share/info --exec_prefix=/usr --bindir=/usr/sbin --libexecdir=/usr/lib/squid --localstatedir=/var --sysconfdir=/etc/squid --enable-poll --enable-snmp --enable-removal-policies=heap,lru --enable-storeio=aufs,coss,diskd,null,ufs --enable-ssl --with-openssl=/usr/kerberos --enable-delay-pools --enable-linux-netfilter --with-pthreads --enable-useragent-log --enable-referer-log --disable-dependency-tracking --enable-cachemgr-hostname=localhost --disable-ident-lookups --enable-truncate --enable-underscores --datadir=/usr/share compiled from source on a freshly installed Fedora Core 3 system with the following specs: Dell 6550 dual Intel(R) Xeon(TM) MP CPU 2.70GHz - 512 KB cache and 3G Ram with 3 disks in Raid5 (quite a sweet machine) Well it seems that something is quite wrong. Cache Hits:0.0 0.0 Is this possible? Note that this value denotes the median service time for cache hits. It does not say that there are not any hits. As to why it is 0 , perhaps currently your squid is lightly loaded. Median Service Times (seconds) 5 min60 min: HTTP Requests (All): 0.00562 0.05331 Cache Misses: 0.18699 0.14252 Cache Hits:0.0 0.0 Near Hits: 0.0 0.12783 Not-Modified Replies: 0.0 0.0 DNS Lookups: 0.06364 0.00190 ICP Queries: 0.0 0.0 Also I'd like to know why is my 50G /cache never filling up. I have the following settings: cache_mem 512 MB cache_dir ufs /cache 5 16 256 I'd like to use the whole 100G someday but I am noticing that no matter what I can't even fill 50% of my 50G /cache That depends on your users Internet access profile (too). Suppose they are all accessing objects with short lifetimes. Theoretically that behavior could even be worse. You may have a light load , or you didn't wait long enough. It can take up to a week to fill the cache. What is your average http reqs/sec ? M. On the above note, I am trying to maximize speed since I have a very large pipe to the internet. Any recommendations or suggestions? Thank you guys! _ Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
[squid-users] squid_ldap_auth from command line do nothing ...and display no further prompt from terminal
Hello All, When I typed my squid_ldap_auth command as shown below, it always do nothing. Other people seems to get a follow-up response of a prompt for username and password from the machine, and then further prompting an error or ok message back to user. But my command seems to just stuck there without further progress, see below: [EMAIL PROTECTED] root]# /usr/lib/squid/squid_ldap_auth -b dc=shinyang, dc=com, dc=my -D cn=root,dc=shinyang,dc=com,dc=my -w -f '((objectclass=person)(cn=%s))' -h 172.16.0.21 (it just stops there and do nothing) *where should I track down the problem for this? Thanks in advance Regards Yong