does the username work when you enter it ? Quoting "Franco, Battista" <Battista.Franco@xxxxxxxxxxxxxxxx>: > Yes it is. > > > > -----Messaggio originale----- > Da: pwasenda@xxxxxxxxx [mailto:pwasenda@xxxxxxxxx] > Inviato: lunedì 12 giugno 2006 15.01 > A: Franco, Battista > Cc: squid-users@xxxxxxxxxxxxxxx > Oggetto: Re: AD and Single Sign On > > Is that computer on your windows domain ? > > Quoting "Franco, Battista" <Battista.Franco@xxxxxxxxxxxxxxxx>: > > > Hello > > I configured squid and samba but (from a client with MS IE 6) when i > > tried to connect to internet the pop-up with a request of username and > > password appears. > > More info below: > > > > # wbinfo -t > > checking the trust secret via RPC calls succeeded # wbinfo -a > > mydom\\user%password plaintext password authentication succeeded > > challenge/response password authentication succeeded # > > /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic > > Mydom+user password > > [2006/06/12 14:52:07, 3] utils/ntlm_auth.c:check_plaintext_auth(292) > > NT_STATUS_OK: Success (0x0) > > OK > > # > > > > ---- > > > > Smb.conf is: > > > > .... > > netbios name = aa1pxysav00 > > realm = ZA.IF.ATCSG.NET > > workgroup = ZA > > security = ADS > > password server = server.mydom.com > > encrypt passwords = yes > > log level = 3 passdb:5 auth:10 winbind:5 > > idmap uid = 10000-20000 > > template shell = /bin/false > > winbind enum users = yes > > winbind uid = 10000-20000 > > winbind gid = 10000-20000 > > winbind separator = + > > winbind use default domain = yes > > ... > > > > ---- > > > > Squid.conf is: > > .... > > auth_param ntlm program /usr/bin/ntlm_auth > > --helper-protocol=squid-2.5-ntlmssp > > auth_param ntlm children 30 > > auth_param ntlm max_challenge_reuses 0 auth_param ntlm > > max_challenge_lifetime 2 minutes # ntlm_auth from Samba 3 supports > > NTLM NEGOTIATE packet auth_param ntlm use_ntlm_negotiate on auth_param > > basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic > > auth_param basic children 5 auth_param basic realm Squid proxy-caching > > web server auth_param basic credentialsttl 2 hours auth_param basic > > casesensitive off .... > > acl AuthorizedUsers proxy_auth REQUIRED http_access allow all > > AuthorizedUsers .... > > cache_peer proxy.xxx.com parent 8080 0 proxy-only default > > > > ------ > > > > Access.log > > > > 1150117192.969 364 10.239.57.34 TCP_MISS/200 4388 GET > > http://www.google.it/ username DEFAULT_PARENT/proxy.xxx.com text/html > > 1150117223.316 24100 10.239.57.34 TCP_MISS/503 1384 GET > > http://www.google.it/imghp? username NONE/- text/html > > > > > > > > Could you help me? > > > > > > > > -----Messaggio originale----- > > Da: Jakob Curdes [mailto:jc@xxxxxxxxxxxxxxx] > > Inviato: venerdì 9 giugno 2006 14.44 > > A: Franco, Battista > > Cc: squid-users@xxxxxxxxxxxxxxx > > Oggetto: Re: AD and Single Sign On > > > > Franco, Battista schrieb: > > > > >Hello > > > > > >I used a squid 2.5 stable 9 on fedora code 4. > > > > > >My windows domain is an AD 2003. > > > > > >Is it possibile to configure my squid to work as "single sign on" so > > >users will not need to put username and password when accessing to > > >internet? > > > > > >How do i do it? > > > > > > > > > > > > > > > > > See > > > > http://wiki.squid-cache.org/SquidFaq/ProxyAuthentication > > > > Hope this helps, > > > > Jakob Curdes > > > > Hint for the FAQ admins : the keyword NTLM or AD does not show up > > anywhere in the content list, myabe it would be a good idea to shift > > one of the headlines a little - this question keeps getting asked again and > again. > > > > Jakob Curdes > > > > > > > -- > Peter Collins Wasenda > Network Administrator > IT Division, Corporate Services > Uganda Revenue Authority > P.O. Box 7279, Kampala > > Tel: (041)334474,334535 > Mob: 0752-996477 > > --------------------------------------------------------------- > > > ---------------------------------------------------------------- > This message was sent using IMP, the Internet Messaging Program. > > -- Peter Collins Wasenda Network Administrator IT Division, Corporate Services Uganda Revenue Authority P.O. Box 7279, Kampala Tel: (041)334474,334535 Mob: 0752-996477 --------------------------------------------------------------- ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
