Re: [squid-users] Configuring wb_group

From: Edward Mann <edward@dont-contact.us>
Date: 20 Nov 2002 10:45:12 -0600

What does your smb.conf file look like and do you have winbindd running?

thanks.

On Wed, 2002-11-20 at 10:22, Scott Kern wrote:
> Thank you very much for the help.
>
> I added the following and squid starts without any errors. One problem down, many more to go. :)
>
> Now authenticating from the browser fails. I'm using Netscape 4.79 on a system running Red Hat 7.3. I'm entering my Windows user name and password or do I need to add the domain or group?
>
> The access.log entry is:
> 1037809148.392 3 172.19.10.20 TCP_DENIED/407 1750 GET http://www.rootprompt.org/ - NONE/- text/html
>
> Which looks like the user name isn't being passed on.
>
> >>> Edward Mann <edward@arctechnology.com> 11/19/02 04:01PM >>>
>
> auth_param ntlm program /usr/lib/squid/wb_ntlmauth
> auth_param ntlm children 5
> auth_param ntlm max_challenge_reuses 0
> auth_param ntlm max_challenge_lifetime 2 minutes
>
> auth_param basic program /usr/lib/squid/wb_auth
> auth_param basic children 5
> auth_param basic realm ChoicePoint Proxy server
> auth_param basic credentialsttl 2 hours
>
> external_acl_type NT_global_group %LOGIN /usr/lib/squid/wb_group
>
> acl FullAccess external NT_global_group Domain_Group
>
>
> http_access allow FullAccess
>
> Do you have something like that?
>
>
> On Tue, 2002-11-19 at 14:54, Scott Kern wrote:
> > I'm trying to setup squid to use wb_group.
> >
> > Testing wb_group, I type domain+username group and get ERR.
> > Both wbinfo -u & -g report back users and groups.
> >
> > In squid.conf, I have
> >
> > external_acl_type NT_global_group %LOGIN /usr/local/squid/libexec/wb_group
> > acl ProxyUsers external NT_global_group <group>
> > acl internetusers proxy_auth REQUIRED
> > http_access allow internetusers ProxyUsers
> >
> > When I start squid, I get:
> > 2002/11/19 15:46:56| aclParseAclLine: IGNORING: Proxy Auth ACL 'acl internetusers proxy_auth REQUIRED' because no authentication schemes are fully configured.
> > 2002/11/19 15:46:56| aclParseAclLine: IGNORING invalid ACL: acl internetusers proxy_auth REQUIRED
> > 2002/11/19 15:46:56| squid.conf line 1718: http_access allow internetusers ProxyUsers
> > 2002/11/19 15:46:56| aclParseAccessLine: ACL name 'internetusers' not found.
> > FATAL: Bungled squid.conf line 1746: acl ProxyUsers external NT_global_group CTX-InternetDL
> > Squid Cache (Version 2.5.STABLE1): Terminated abnormally.
> > CPU Usage: 0.006 seconds = 0.004 user + 0.002 sys
> > Maximum Resident Size: 0 KB
> > Page faults with physical i/o: 207
> > Aborted
> >
> > Where am I going wrong.
>
Received on Thu Nov 21 2002 - 10:44:52 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:30 MST