[squid-users] Re: Re[squid-users] verse proxy to Sharepoint

From: afstcklnd <andrew.stickland_at_spirititconsulting.com>
Date: Fri, 27 Jun 2008 02:38:27 -0700 (PDT)

OK, really at a loss now. Got rid of this problem by refining a few things
but now still not working but no real evidence of why not? Although
maybe....

==> log.smbd <==
[2008/06/26 21:28:35, 3] printing/printing.c:start_background_queue(1397)
  start_background_queue: Starting background LPQ thread
[2008/06/26 21:28:35, 2] lib/util_sock.c:open_socket_in(1268)
  bind failed on port 445 socket_addr = 0.0.0.0.
  Error = Address already in use
[2008/06/26 21:28:35, 2] lib/util_sock.c:open_socket_in(1268)
  bind failed on port 139 socket_addr = 0.0.0.0.
  Error = Address already in use
[2008/06/26 21:28:35, 2] smbd/server.c:open_sockets_smbd(580)
  waiting for a connection

afstcklnd wrote:
>
> Hi,
>
> OK, have built a new Squid 2.7 Stable 2 version and it's up and running.
> wbinfo reports authentication OK, but I get the following when the users
> try and authenticate....
>
> authenticateNTLMHandleReply: Error validating user via NTLM. Error
> returned 'BH NT_STATUS_ACCESS_DENIED'
>
> This would suggest a Samba problem but in isolation, Samba seems fine. Any
> ideas???
>
> All the best
> Andrew
>
>
>
> Chris Robertson-2 wrote:
>>
>> afstcklnd wrote:
>>> We have a working infrastructure using Windows 2003, AD & Sharepoint for
>>> Project Web Access. In order to allow branch office access, we wanted to
>>> put
>>> in place a reverse proxy solution and looked at Squid. After a lot of
>>> reading, it became clear the Squid 2.6 or above was the best option in
>>> order
>>> to get working NTLM authentication. So....
>>>
>>> We've installed a Fedora Core 9 box with Squid 3.0, attached it to the
>>> domain and set up all the kerberos, ldap authentication etc. However,
>>> it's
>>> not quite behaving correctly.
>>>
>>
>> Last I saw,
>> (http://www.squid-cache.org/mail-archive/squid-users/200803/0523.html)
>> you'll need to use 2.6 or 2.7 to proxy NTLM authentication. The
>> connection pinning required to support it has not been added to the
>> released Squid 3 code base.
>>
>>> Testing kerberos, ldap etc. seems all OK and the ntlm helpers are
>>> running
>>> OK. Connect to the proxy with IE of Firefox and the request for a
>>> password
>>> is presented but regardless of what is entered authentication.
>>>
>>> Obviously I need to provide more information but can you guide me as to
>>> where and what I need to provide?
>>>
>>> Thanks
>>>
>>
>> Chris
>>
>>
>>
>
>

-- 
View this message in context: http://www.nabble.com/Reverse-proxy-to-Sharepoint-tp17909397p18151537.html
Sent from the Squid - Users mailing list archive at Nabble.com.
Received on Fri Jun 27 2008 - 09:38:33 MDT

This archive was generated by hypermail 2.2.0 : Fri Jun 27 2008 - 12:00:05 MDT