Hello, I've configured squid and it seems to be working as it logs which ip goes to which website but... I can't see the AD users. I've tested ./ntlm_auth with several usernames and it worked... If you have any idea of what the problem could be, it will be really appreciate! ;) I'm running Squid 3.0 RC1 on Gentoo 2007.0 with samba 3.0.26a and krb5-1.5.3-r1 Here is my squid.conf file : ########################### http_port 8080 cache_mgr [EMAIL PROTECTED] cache_effective_user squid cache_effective_group squid ftp_user [EMAIL PROTECTED] visible_hostname myservername.mydomain.local logfile_rotate 1 cache_mem 256 MB cache_access_log /var/log/squid/access.log cache_dir ufs /var/cache/squid/ncache 1024 16 256 log_ip_on_direct off debug_options ALL,1 hosts_file /etc/hosts auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 30 #auth_param ntlm max_challenge_reuses 0 #auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours acl all src 0.0.0.0/0.0.0.0 acl local_network src 192.168.1.0/24 127.0.0.1/32 http_access allow local_network acl SSL_ports port 443 563 acl Safe_ports port 21 70 80 210 280 443 488 563 591 777 1025-65535 acl CONNECT method CONNECT http_access deny !Safe_ports http_access deny CONNECT !SSL_ports acl AuthorizedUsers proxy_auth REQUIRED
http_access deny !AuthorizedUsers http_access allow all Here is a view of the access.log file of squid ############################### 1195130391.112 104 192.168.1.34 TCP_MISS/200 512 GET http://www.google-analy$ 1195130392.236 1303 192.168.1.34 TCP_MISS/200 20433 GET http://media.ldlc.com$ 1195130392.280 35 192.168.1.34 TCP_MISS/200 717 GET http://www.hardware.fr/$ 1195130416.467 317 192.168.1.34 TCP_MISS/200 2736 GET http://www.danstapomme$ 1195130416.613 109 192.168.1.34 TCP_MISS/200 503 GET http://www.danstapomme.$ 1195130416.617 112 192.168.1.34 TCP_MISS/200 1394 GET http://www.danstapomme$ 1195130416.849 347 192.168.1.34 TCP_MISS/200 24973 GET http://www.danstapomm$ 1195130416.915 31 192.168.1.34 TCP_MISS/404 571 GET http://www.danstapomme.$ Here is aview of cache.log of squid ############################### 007/11/15 13:37:13| Starting Squid Cache version 3.0.RC1 for i686-pc-linux-gnu$ 2007/11/15 13:37:13| Process ID 8219 2007/11/15 13:37:13| With 1024 file descriptors available 2007/11/15 13:37:13| DNS Socket created at 0.0.0.0, port 40818, FD 7 2007/11/15 13:37:13| Adding nameserver 192.168.1.251 from /etc/resolv.conf 2007/11/15 13:37:13| helperStatefulOpenServers: Starting 30 'ntlm_auth' process$ 2007/11/15 13:37:14| helperOpenServers: Starting 5 'ntlm_auth' processes 2007/11/15 13:37:14| User-Agent logging is disabled. 2007/11/15 13:37:14| Referer logging is disabled. 2007/11/15 13:37:14| Unlinkd pipe opened on FD 47 2007/11/15 13:37:14| Local cache digest enabled; rebuild/rewrite every 3600/360$ 2007/11/15 13:37:14| Swap maxSize 1048576 KB, estimated 80659 objects 2007/11/15 13:37:14| Target number of buckets: 4032 2007/11/15 13:37:14| Using 8192 Store buckets 2007/11/15 13:37:14| Max Mem size: 262144 KB 2007/11/15 13:37:14| Max Swap size: 1048576 KB 2007/11/15 13:37:14| Version 1 of swap file with LFS support detected... 2007/11/15 13:37:14| Rebuilding storage in /var/cache/squid/ncache (CLEAN) 2007/11/15 13:37:14| Using Least Load store dir selection 2007/11/15 13:37:14| Current Directory is /root 2007/11/15 13:37:14| Loaded Icons. 2007/11/15 13:37:14| Accepting HTTP connections at 0.0.0.0, port 8080, FD 49. 2007/11/15 13:37:14| HTCP Disabled. 2007/11/15 13:37:14| Ready to serve requests. 2007/11/15 13:37:14| Done reading /var/cache/squid/ncache swaplog (267 entries) 2007/11/15 13:37:14| Finished rebuilding storage from disk. 2007/11/15 13:37:14| 267 Entries scanned 2007/11/15 13:37:14| 0 Invalid entries. 2007/11/15 13:37:14| 0 With invalid flags. 2007/11/15 13:37:14| 267 Objects loaded. 2007/11/15 13:37:14| 0 Objects expired. 2007/11/15 13:37:14| 0 Objects cancelled. 2007/11/15 13:37:14| 0 Duplicate URLs purged. 2007/11/15 13:37:14| 0 Swapfile clashes avoided. 2007/11/15 13:37:14| Took 0.075 seconds (3.6e+03 objects/sec). 2007/11/15 13:37:14| Beginning Validation Procedure 2007/11/15 13:37:14| Completed Validation Procedure 2007/11/15 13:37:14| Validated 559 Entries 2007/11/15 13:37:14| store_swap_size = 2784 2007/11/15 13:37:15| storeLateRelease: released 0 objects Hope you will find something wierd in my config because I've redone it twice and I don't know what I've missed... Many Thanks. Kindly Regards. David
