[squid-users] ntlm_auth issue
Hi All, I am trying to implement ntlm_auth with Windows 2003 AD. Environment : - Centos 5.3 - Squid 2.6 STABLE 21 - Samba 3 - Kerberos 5 After configuring everything according to this : http://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActiveDirecto ry I got this error : [2009/11/01 15:36:11, 0] libads/sasl.c:ads_sasl_spnego_bind(330) kinit succeeded but ads_sasl_spnego_krb5_bind failed: Invalid credentials Failed to join domain: Invalid credentials Anyone ever facing the same problem or have any idea about this error? I cannot join Linux box the AD. FYI, kinit, net ads info and klist success (ticket acquired). Thank you for your attention. Best Regards, Hendrik Suantio
[squid-users] squid_ldap_auth \5c issue
Hi, I am using squid_ldap_auth. I am trying to integrate squid v2.6 stable21 with squid_ldap_auth for authentication with Microsoft AD. Scenario : Client username : jack Microsoft AD Domain : foo Basically internet explorer or other browser will automatically insert username "foo\jack" and password the same as login password for the authentication, but when I check with : /usr/lib/squid/squid_ldap_auth -v 3 -R -d -b "dc=your,dc=domain" -D "cn=Administrator,dc=your,dc=domain" -w "somepassword." -f sAMAccountName=%s -h LDAPServer (press enter) foo\jack somepassword Then, the debug will says that : user filter 'sAMAccountName=foo\5cjack' This is the issue (the convert from "\" to "\5c") that makes every user must enter their username and password manually when ldap ask for authentication, which the user will enter : Username : jack Password : somepassword This method will works perfectly. So, my question is : . Is there any way to make squid_ldap_auth does not convert "\" to "\5c" ? I already googled everywhere and I found no solution except using NTLM as other method, but I prefer squid_ldap_auth because of it's simplicity. I am very glad for your reply. Thank you. ________ ___ Best Regards, Hendrik Suantio Singapore
[squid-users] squid_ldap_auth \5c issue
Hi, I am using squid_ldap_auth. I am trying to integrate squid v2.6 stable21 with squid_ldap_auth for authentication with Microsoft AD. Scenario : Client username : jack Microsoft AD Domain : foo Basically internet explorer or other browser will automatically insert username "foo\jack" and password the same as login password for the authentication, but when I check with : /usr/lib/squid/squid_ldap_auth -v 3 -R -d -b "dc=your,dc=domain" -D "cn=Administrator,dc=your,dc=domain" -w "somepassword." -f sAMAccountName=%s -h LDAPServer (press enter) foo\jack somepassword Then, the debug will says that : user filter 'sAMAccountName=foo\5cjack' This is the issue (the convert from "\" to "\5c") that makes every user must enter their username and password manually when ldap ask for authentication, which the user will enter : Username : jack Password : somepassword This method will works perfectly. So, my question is : . Is there any way to make squid_ldap_auth does not convert "\" to "\5c" ? I already googled everywhere and I found no solution except using NTLM as other method, but I prefer squid_ldap_auth because of it's simplicity. I am very glad for your reply. Thank you. ________ ___ Best Regards, Hendrik Suantio Singapore