On Thu, 2005-04-07 at 11:47 +0200, fatima riadi wrote: > Hi everybody, > > I setup squid-2.5.STABLE9 with samba-3.0.13 to use > winbind authentication over a Windows 2003 Active > Directory. > Web users' authentication from my proxy server box > succeedes. > But when a remote user try to authenticate himself, > authentication failes and Squid return the > following: > authenticateNTLMHandleReply: Error validating user > via NTLM. Error returned 'BH > NT_STATUS_ACCESS_DENIED'
Are the permissions on the winbind privileged pipe correct, what does the winbindd.log say? > I configured samba with (--with-ads --with-ldap > --with-winbind --with-winbind-auth-challenge). --with-winbind-auth-challenge doesn't exist any more. It was a Samba 2.2 hack, the privileged pipe dir handled the access control to this now. > And I configure squid with > (--enable-auth="ntlm,basic" > --enable-basic-auth-helpers="winbind" > --enable-ntlm-auth-helpers="winbind"). These last two options build helpers in the squid sources which are incompatible with Samba 3.0. They should not be built or used. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
