I'm not sure whats going on. I just put a clean
fedora 2 install on the box and I am getting the same
exact problem. I have no idea what I'm doing wrong
but there is def something wrong. The only thing I
find wierd is that I am trying to use this with
dansguardian and if I stop dansguardian and comment
out the auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp it still doenst
let me out. I keep getting denied in the access log.
--- Adam Aube <[EMAIL PROTECTED]> wrote:
> Please reply to the list and not to me personally.
>
> Johnny Doe wrote:
> > --- Adam Aube <[EMAIL PROTECTED]> wrote:
>
> >> Since you didn't explicitly show it, I'm going to
> guess that you did a
> >> "su squid" before running wbinfo.
>
> >> Have you added any winbind lines to nsswitch.conf
> or PAM? If all you are
> >> using winbind for is Squid integration with a
> Windows domain, you don't
> >> need those lines and can take them out.
>
> >> Just to be thorough, can you post your smb.conf
> file and the output of
> >> "squid -v"?
>
> > Yes I did su over to squid before running that
> command. I'm not sure you
> > ment by the if I changed pam but here is the squid
> file from
> > the /etc/pam.d
>
> > #%PAM-1.0
> > auth required pam_stack.so
> service=system-auth
> > account required pam_stack.so
> service=system-auth
>
> > Here is a copy of my nsswitch.conf
>
> > passwd: files nisplus
> > shadow: files nisplus
> > group: files nisplus
> > hosts: files nisplus dns
> > bootparams: nisplus [NOTFOUND=return] files
> > ethers: files
> > netmasks: files
> > networks: files
> > protocols: files winbind nisplus
> > rpc: files
> > services: files winbind nisplus
> > netgroup: files winbind nisplus
> > publickey: nisplus
> > automount: files winbind nisplus
> > aliases: files nisplus
>
> > smb.conf
>
> > [global]
> > workgroup = SMC
> > server string = SMCSquid Samba Server
> > winbind uid = 10000-20000
> > winbind gid = 10000-20000
> > winbind enum users = yes
> > winbind enum groups = yes
> > template homedir = /home/winnt/%D/%U
> > template shell = /bin/bash
> > printcap name = /etc/printcap
> > load printers = yes
> > log file = /var/log/samba/%m.log
> > max log size = 50
> > security = domain
> > password server = smcnt3
> > encrypt passwords = yes
> > smb passwd file = /etc/samba/smbpasswd
> > unix password sync = Yes
> > passwd program = /usr/bin/passwd %u
> > passwd chat = *New*UNIX*password* %n\n
> *ReType*new*UNIX*password* %n\n
>
>*passwd:*all*authentication*tokens*updated*successfully*
>
> > socket options = TCP_NODELAY SO_RCVBUF=8192
> SO_SNDBUF=8192
> > local master = no
> > os level = 33
> > dns proxy = no
> > idmap uid = 16777216-33554431
> > idmap gid = 16777216-33554431
> > template shell = /bin/bash
> > winbind use default domain = yes
> > password server = smcnt3
> > [homes]
> > comment = Home Directories
> > browseable = no
> > writable = yes
> > [printers]
> > comment = All Printers
> > path = /var/spool/samba
> > browseable = no
> > guest ok = no
> > writable = no
> > printable = yes
>
> > squid -v
> > Squid Cache: Version 2.5.STABLE5
> > configure options: --host=i386-redhat-linux
> --build=i386-redhat-linux
> > --target=i386-redhat-linux-gnu --program-prefix=
> --prefix=/usr
> > --exec-prefix=/usr --bindir=/usr/bin
> --sbindir=/usr/sbin --sysconfdir=/etc
> > --datadir=/usr/share --includedir=/usr/include
> --libdir=/usr/lib
> > --libexecdir=/usr/libexec --localstatedir=/var
> --sharedstatedir=/usr/com
> > --mandir=/usr/share/man --infodir=/usr/share/info
> --exec_prefix=/usr
> > --bindir=/usr/sbin --libexecdir=/usr/lib/squid
> --localstatedir=/var
> > --sysconfdir=/etc/squid --enable-poll
> --enable-snmp
> > --enable-removal-policies=heap,lru
> > --enable-storeio=aufs,coss,diskd,null,ufs
> --enable-ssl
> > --with-openssl=/usr/kerberos --enable-delay-pools
>
> > --enable-linux-netfilter --with-pthreads
> > --enable-ntlm-auth-helpers=SMB,winbind
> >
>
--enable-external-acl-helpers=ip_user,ldap_group,unix_group,wbinfo_group,
> > winbind_group
> > --enable-auth=basic,ntlm
> --with-winbind-auth-challenge
> > --enable-useragent-log --enable-referer-log
> --disable-dependency-tracking
> > --enable-cachemgr-hostname=localhost
> --disable-ident-lookups
> > --enable-truncate --enable-underscores
> --datadir=/usr/share
> >
>
--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SMB,YP,getpwnam,
> > multi-domain-NTLM,SASL,winbind
>
>
>
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!
http://promotions.yahoo.com/new_mail
