Hi, I am trying to use squid proxy with validation on win 2003 active
directory to filter internet navigation and for it I installed an ubuntu
10.04 server 64 bit with samba.
My installation looks ok, the server is joined to the AD, ntlm is able
to validate user, wbinfo report corret information and squid works good.
The problem arise after some hours: winbind become not able to resolv
info for users and to retrieve info for groups, so squid become not able
to know id a user belong to a group allowed to navigate and refuse
connection.
Restarting winbind solve the problem for some hours.
wbinfo report no particular problem; just give back messages like "could
not get info for user xx" and also setting debuglevel to various numbers
reports (to me) no significant clues.
I made a workaround scheduling a restart of winbind service at every
half hour and it works, but is not so elegant ...
Do you have any suggestion to solve this problem?
Thank you
Daniele
samba/winbind version is 3.4.7
squid is 2.7.STABLE7
os is 2.6.32-41-server #88-Ubuntu x86_64 GNU/Linux
smb.conf:
[global]
workgroup = CED
realm = CED.AOS
server string = Samba Server Version %v
security = ADS
password server = 172.18.10.24 172.18.10.23
name resolve order = lmhosts host bcast
ldap ssl = no
idmap uid = 15000-25000
idmap gid = 15000-25000
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
cups options = raw
[homes]
comment = Home Directories
read only = No
browseable = No
browsable = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
browsable = No
----
Le informazioni contenute in questa comunicazione e gli eventuali documenti
allegati hanno carattere confidenziale e sono ad uso esclusivo del
destinatario. Nel caso in cui questa comunicazione Vi sia pervenuta per errore,
Vi informiamo che la sua diffusione e riproduzione e' contraria alla legge,
pertanto Vi preghiamo di darci prontamente avviso e di cancellare quanto
ricevuto.
Grazie.
This e-mail message and any files transmitted with it contain confidential
information intended only for the person(s) to whom it is addressed. If you are
not the intended recipient, you are hereby notified that any use or
distribution of this e-mail is strictly prohibited: please notify the sender
and delete the original message.
Thank you.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
