Hi
in the bugtrack i now found that ntlm seens that is really broken,
so is there any plan to fix this?
i could also try to make a package with the updated version of
squid, but for that i need the dev tools... anyone knows were
they are?
thanks
On Tue, 5 Sep 2006 00:20:28 +0100, Daniel Mota Leite (Higuita) <[EMAIL
PROTECTED]> wrote:
> Have been trying to setup the squid proxy to authenticate with
> the windows AD, but i'm getting several problems...
>
> i want to use ntlm authentication and restrict the web access
> to a few auth users, but when i setup it via the interface it keeps
> failling
>
> so far i have discovered this:
>
> - there is no /etc/squid/ntlmauth.conf (??) (sorry, i have no access to
> the machine right now and i forgot the name, but its something like
> this)... in the ntlm dir on /var/efw/cache/ there is only the allow and
> deny users files
>
> - the /etc/nsswitch.conf dont have the winbind... i think that for the
> wbinfo_group.pl to work this need to be configured
>
> -the squid included is old, i found at least 2 patchs for squid 2.5.12
> related with ntlm, at least the one for wbinfo_group.pl seens simple
> but required, its just add a cut to the output of wbinfo -n, as the
> latest versions output one extra parameter:
>
> $groupSID = `wbinfo -n "$group | cut -d" " -f1`;
>
> -in the logs i see that the access log with the correct username, but
> it seens to fail with a DENIED result for being in the accept_list(!?)
> i checked and the config seens correct, so why it seens to give the
> opposite result?
>
> so, as i'm very confuse right now, i ask if someone manage to put the
> squid with the ntlm authentication to work or if this is known to be
> broken?
>
> should i try to update to the latest advproxy from ipcop?
higuita
--
Naturally the common people don't want war... but after all it is the
leaders of a country who determine the policy, and it is always a
simple matter to drag the people along, whether it is a democracy, or
a fascist dictatorship, or a parliament, or a communist dictatorship.
Voice or no voice, the people can always be brought to the bidding of
the leaders. That is easy. All you have to do is tell them they are
being attacked, and denounce the pacifists for lack of patriotism and
exposing the country to danger. It works the same in every country.
-- Hermann Goering, Nazi and war criminal, 1883-1946
signature.asc
Description: PGP signature
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Efw-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/efw-user
