[squid-users] =?iso-8859-1?Q?squid_authentication_-_need_help.?=

Tue, 04 Nov 2003 05:24:04 -0800 

Hi!

I'm trying to authenticate Windows users (2K domain with NT
compatibility) in squid.

Something is wrong, but i don't see. I have read FAQ, HOWTO,
Tutorials, and lots of Google searches.

Scenario:

parent proxy
 (pass all)
   ||
   ||
   \/
my proxy  <=========================== Windows server to authenticate
users 
(block sites with squidGuard)          (same net as my proxy)

Parent is working
SquidGuard is working.

I've made a test with smb_auth and it worked. Says OK.

---- test begin -----
# /usr/local/bin/smb_auth -W MYDOMAIN -d
myusername mypassword
Domain name: MYDOMAIN
Pass-through authentication: no
Query address options:
Domain controller IP address: 10.151.1.1
Domain controller NETBIOS name: SFCTRS1
Contents of //SFCTRS1/NETLOGON/proxyauth: allow
OK
---- test end -----

Linux distribuition: Conectiva
Squid version: squid-2.5.1-2cl
Samba:
samba-common-2.2.8-1U70_2cl
samba-clients-2.2.8-1U70_2cl
samba-2.2.8-1U70_2cl


When I try to start squid with authentication this is returned:

=== output begin ===

Iniciando squid 2003/11/03 18:19:14| parseConfigFile: line 35
unrecognized: 'authenticate_program /usr/local/bin/smb_auth -W MSRS'
2003/11/03 18:19:14| aclParseAclLine: IGNORING: Proxy Auth ACL 'acl
domainusers proxy_auth REQUIRED' because no authentication schemes are
fully configured.
2003/11/03 18:19:14| aclParseAclLine: IGNORING invalid ACL: acl
domainusers proxy_auth REQUIRED
2003/11/03 18:19:14| squid.conf line 37: http_access allow domainusers
2003/11/03 18:19:14| aclParseAccessLine: ACL name 'domainusers' not found.
2003/11/03 18:19:14| squid.conf line 37: http_access allow domainusers
2003/11/03 18:19:14| aclParseAccessLine: Access line contains no
ACL's, skipping

=== output end ===


Here some lines of squid.conf

--- begin ---
# SquidGuard
redirect_program /usr/local/bin/squidGuard -c
/etc/squidGuard/squidGuard.conf
redirect_children 4

# authentication
authenticate_program /usr/local/bin/smb_auth -W MYDOMAIN
acl domainusers proxy_auth REQUIRED
http_access allow domainusers
                                                                     
          
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hour

# parent proxy
cache_peer parentproxy.domain parent 80 3130 no-query default

acl all src 0.0.0.0/0.0.0.0
never_direct allow all
--- end ---

And minimum acl configuration enabled.


Thanks fou your help.

Elton S. Fenner
[EMAIL PROTECTED]

---------------------------------------------------
     /   ___     ~   Chimarr�o Virtual
  \==/  _\_/_ /|~    ----------------------   (o<
  /  \ /     |/      O chimarr�o � uma tra-   //\
  \  / |     |       di��o, que todos deve-   V_/_
   \/  |_____|       mos cultivar em nossas ra�zes.
___________________________________________________
     Seja livre n�o use software pirata use LINUX.
---------------------------------------------------

Reply via email to