Well after using --helper-protocol=squid-2.5-ntlmssp it works better, only problem now is getting log info out of winbindd/samba/squid, inorder to determin why my suplied user credientials/password does not grant me acces to the intenet.
Regards. Lars Roland On Fri, 17 Sep 2004 15:41:42 +0200, Lars Roland <[EMAIL PROTECTED]> wrote: > Hi All > > I have build squid 2.5-STABLE6 on redhat 7.3 with the the folowing command > > /configure --prefix=/usr/local/squid --sysconfdir=/etc/squid > --enable-auth="ntlm,basic" > --enable-external-acl-helpers="wbinfo_group" > --with-samba-sources=/opt/samba-3.0.6 > > I use samba 3.0.6 and it is build with > > ./configure --with-winbind --prefix=/usr/local/samba > --sysconfdir=/etc/samba --with-configdir=/etc/samba > --with-privatedir=/etc/samba/private --with-lockdir=/var/lock > --with-smbmount --with-quotas --with-winbind-auth-challenge > --with-automount > > I have a windows 2000 domain runinng active directory, my smb.conf is > fine as I can execute both wbinfo -t and wbinfo -u without any > problems. The part of my squid conf that deals with ntlm looks like > this > > auth_param ntlm program /usr/local/samba/bin/ntlm_auth > --helper-protocol=squid-2.5-basic > auth_param ntlm children 5 > auth_param ntlm max_challenge_reuses 0 > auth_param ntlm max_challenge_lifetime 2 minutes > auth_param ntlm use_ntlm_negotiate off > auth_param basic program /usr/local/samba/bin/ntlm_auth > --helper-protocol=squid-2.5-basic > auth_param basic children 5 > auth_param basic realm Squid proxy-caching web server > auth_param basic credentialsttl 2 hours > external_acl_type nt_group ttl=0 concurrency=5 %LOGIN > /usr/local/squid/libexec/wbinfo_group.pl > > I i try this proxy using a windows XP workstation, running ie6 then I > get the folowing error in > /var/log/messages: > > authenticateNTLMHandleReply: *** Unsupported helper response ***, 'ERR' > > In /car/log/squid/acced.log i get: > > 1095427620.272 2 172.29.10.137 TCP_DENIED/407 587 GET > http://www.kde.org/ - NONE/- text/html > > I have debuging set as: debug_options ALL,1 29,9 (ia also tried > debug_options ALL,1 33,2, this did not change anything). > > Does anyone have an idea where I can go from here in order to break > this problem down to smaller peaces, the messages in /var/log/messages > are not excatly that helpfull. > > Regards. > > Lars Roland >
