On 07/10/10 00:55, Saurabh Agarwal wrote:
Hi
I am using Squid 2.7Stable7 and trying to authenticate to a sharepoint server
using NTLM. I have observed that sharepoint server sends a 401 status code with
proper ntlm authentication headers to squid as follows
WWW-Authenticate: Negotiate\r\n
WWW-
Hi
I am using Squid 2.7Stable7 and trying to authenticate to a sharepoint server
using NTLM. I have observed that sharepoint server sends a 401 status code with
proper ntlm authentication headers to squid as follows
WWW-Authenticate: Negotiate\r\n
WWW-Authenticate: NTLM\r\n
but squid doesn't f
On Thu, 21 Apr 2005, Nirina Michel wrote:
Thanks, it works. A bug in the debian package? 'other'
doesn't have the rights rx on the directory while the
pipe rights are ok.
The access to this pipe is restricted by default for security reasons, and
the correct method for providing access to this pip
Finally, it works. The problem was the debian package
in sarge which still provides wb_group instead of
wbinfo_group.pl. I had to download the source tarball
and copied the famous perl script into the right
directory and modified the squid configuration.
For you all, thanks for your help.
> Thank
Thanks, it works. A bug in the debian package? 'other'
doesn't have the rights rx on the directory while the
pipe rights are ok.
Another challenge : how can I set an acl with members
of a NT group? In this case, it will be users in the
group DOMAIN/Internet.
--- Henrik Nordstrom <[EMAIL PROTECTED]
On Wed, 20 Apr 2005, Nirina Michel wrote:
Thanks, the dialog box now appears but the user I set
in acl "unrestricted" can't be autheticated. In the
logs I can see : winbind client not authorized to use
winbindd_pam_auth_crap. Ensure permissions on
/var/run/samba/winbindd_privileged are set correctl
--- Robert Vangel <[EMAIL PROTECTED]> wrote:
> Nirina Michel wrote:
>># Deny CONNECT to other than SSL ports
>>http_access deny CONNECT !SSL_ports
>>http_access allow localhost
>>http_access allow lan
>>#http_access allow unrestricted
>>#http_access deny !Authenticated
>>
>>Hmm.. this allows your
Nirina Michel wrote:
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow lan
#http_access allow unrestricted
#http_access deny !Authenticated
Hmm.. this allows your users access without
requiring authentication..
Even if I uncomm
> # Deny CONNECT to other than SSL ports
> http_access deny CONNECT !SSL_ports
> http_access allow localhost
> http_access allow lan
> #http_access allow unrestricted
> #http_access deny !Authenticated
>
> Hmm.. this allows your users access without
> requiring authentication..
>
Even if I uncom
On Fri, 15 Apr 2005, Nirina Michel wrote:
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow lan
#http_access allow unrestricted
#http_access deny !Authenticated
Hmm.. this allows your users access without requiring authenticatio
Hi all,
I am trying to replace our IIS&MS-Proxy Server with
squid and linux. My test server is a Debian GNU/linux
sarge 3.1 with squid 2.5 stable 6 and I installed
samba and winbind 3.0.7 so the users can be
authenticated through the domain server like before.
I think I made all necessary configur
26 AM
Para: Daniel Meyer
CC: Henrik Nordstrom; Chavez Gutierrez, Freddy;
[EMAIL PROTECTED]
Asunto: Re: [squid-users] NTLM authentication not working with Squid 2.5
+ Samba 3.0 after reading all the FAQs
On Tue, 24 Feb 2004, Daniel Meyer wrote:
> Guess i am missing something here.
>
> on
On Tue, 24 Feb 2004, Daniel Meyer wrote:
> Winbind log says:
> [2004/02/24 11:10:49, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(245)
>winbindd_pam_auth_crap: non-privileged access denied. !
>winbindd_pam_auth_crap: Ensure permissions on
> /var/locks/winbindd_privileged are set cor
On Tue, 2004-02-24 at 10:07, Daniel Meyer wrote:
> Henrik Nordstrom wrote:
>
> > Also verify that you have given Squid access to the Samba privileged pipe.
> > This is normally only accessible by root. You should see some warnings in
> > cache.log or the Samba logs if this is the problem.
>
> G
On Tue, 24 Feb 2004, Daniel Meyer wrote:
> Guess i am missing something here.
>
> on my system the pipe has the following permissions:
>
> proxy:/var/locks/winbindd_privileged # ls -alp
> total 0
> drwxr-x---2 root root 72 Feb 24 10:52 ./
> drwxrwxrwx4 root root
Daniel Meyer wrote:
Doesnt matter if i try to change owner/group, or just the rwx
permissions for owner/group/all...
Where is my mistake?
Update: changing to root:squid works. user squid is in group squid, but
cant access the pipe:
Winbind log says:
[2004/02/24 11:10:49, 2] nsswitch/winbindd_p
Henrik Nordstrom wrote:
Also verify that you have given Squid access to the Samba privileged pipe.
This is normally only accessible by root. You should see some warnings in
cache.log or the Samba logs if this is the problem.
Guess i am missing something here.
on my system the pipe has the follo
On Mon, 23 Feb 2004, Chavez Gutierrez, Freddy wrote:
> acl domain_admins proxy_auth mydomain+testuser
> http_access allow domain_admins
Your setup looks fine from what I can tell, but NTLM does not use the
domain separator and usernames in NTLM authentication will always be seen
with the \ se
Hi,
At 18.13 23/02/2004, Chavez Gutierrez, Freddy wrote:
I can't get Squid to authenticate to Windows NT users.
I have a system with Linux Fedora 1.0 (samba 3.0.0, squid 2.5 STABLE3).
I've read Squid FAQ and Samba FAQ and I've done:
1. Configure Samba to join to my NT Domain with "net rpc join",
I can't get Squid to authenticate to Windows NT users.
I have a system with Linux Fedora 1.0 (samba 3.0.0, squid 2.5 STABLE3).
I've read Squid FAQ and Samba FAQ and I've done:
1. Configure Samba to join to my NT Domain with "net rpc join", then:
# wbinfo -t
checking the trust secret via RPC ca
20 matches
Mail list logo
