Thank you very much for your reply. I had to change permissions to the winbindd_privileged file. The problem is that I had to set 777 (chmod 777) as permissions to that file. Which is not a good thing! --- Elsen Marc <elsen@xxxxxxx> wrote: > > > > > > Hi everybody, > > > > I setup squid-2.5.STABLE9 with samba-3.0.13 to use > > winbind authentication over a Windows 2003 Active > > Directory. > > Web users' authentication from my proxy server box > > succeede. > > But when a remote user try to authenticate > himself, > > authentication failes and Squid return the > following: > > authenticateNTLMHandleReply: Error validating > user > > via NTLM. Error returned 'BH > NT_STATUS_ACCESS_DENIED' > > > > I configured samba with (--with-ads --with-ldap > > --with-winbind --with-winbind-auth-challenge). > > > > And I configure squid with > (--enable-auth="ntlm,basic" > > --enable-basic-auth-helpers="winbind" > > --enable-ntlm-auth-helpers="winbind"). > > > > My squid.conf file containes the following: > > auth_param ntlm program > > /usr/local/samba/bin/ntlm_auth > > --helper-protocol=squid-2.5-ntlmssp > > auth_param ntlm children 5 > > auth_param ntlm max_challenge_reuses 0 > > auth_param ntlm max_challenge_lifetime 2 minutes > > > > > > > auth_param basic program > > /usr/local/samba/bin/ntlm_auth > > --helper-protocol=squid-2.5-basic > > auth_param basic children 5 > > auth_param basic realm Squid proxy-caching web > > server > > auth_param basic credentialsttl 2 hours > > > > > > > acl authUsers proxy_auth REQUIRED > > http_access allow authUsers > > http_access deny all > > > > Does anyone have an idea? > > Thanks in advance. > > > > BTW , there seems to be a recently discovered issue > with this > SAMBA release and Windows 2003 SP1 > being used as a AD (and or domain controller) > (>Windows 2003 SP1< recently made available by MS$) > : > > Checkout this thread : > > > http://lists.samba.org/archive/samba-technical/2005-April/040187.html > > You apparently may need this samba patch : > > > http://samba.org/~jerry/patches/post-3.0.13/winbindd_2k3sp1.patch > > M. > __________________________________________________________________ Découvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour vos mails ! Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com/
