That took care of that part, it now works from the command prompt but when I try to visit a page now it says While trying to retrieve the URL: http://www.google.com/ The following error was encountered: * Cache Access Denied. Sorry, you are not currently allowed to request: http://www.google.com/ from this cache until you have authenticated yourself. For ntlm helpers I have /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp And for basic /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-basic Acl acl msad proxy_auth REQUIRED http_access allow msad Does anyone know of a relevant guide that covers install samba and squid3 and implementing msad authentication that utilizes ntlm? This was much easier to do with the supplied rpms with redhat but the versions supplied are old and out of date. Jeremy -----Original Message----- From: Kinkie [mailto:gkinkie@xxxxxxxxx] Sent: Wednesday, March 19, 2008 2:46 AM To: Amos Jeffries Cc: Martin, Jeremy; squid-users@xxxxxxxxxxxxxxx Subject: Re: ntlm_auth seems to have losts it mind On Wed, Mar 19, 2008 at 7:07 AM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > Martin, Jeremy wrote: > > Ok here is my issue, I have compiled and installed the latest stable version of squid and samba, and all seemed well until I tried the following command and got the following output. Anyone have any idea why this is not working like it used to, on my other box it will give the prompt where I can enter my username and password and it returns ok. Wbinfo -u and -g will populate the user and group info so I am pretty sure that is setup correctly, I just seem to be missing something here . > > > > Thanks > > Jeremy > > > > debian:/usr/local/squid/libexec# ./ntlm_auth --helper-protocol=squid-2.5-basic > > ./ntlm_auth: invalid option -- - > > unknown option: -?. Exiting > > ./ntlm_auth usage: > > ./ntlm_auth [-b] [-f] [-d] [-l] domain\controller [domain\controller ...] > > -b enables load-balancing among controllers > > -f enables failover among controllers (DEPRECATED and always active) > > -l changes behavior on domain controller failyures to last-ditch. > > -d enables debugging statements if DEBUG was defined at build-time. > > > > You MUST specify at least one Domain Controller. > > You can use either \ or / as separator between the domain name > > and the controller name > > ./ntlm_auth: invalid option -- h > <snip the loop> > > Weird, but it is saying --helper-option= is not one of the command-line > options. > > I think that is a squid internal option to tell squid how to connect to > the helper. Jeremy, you're using the squid-supplied NTLM helper, and not the Samba one. I suggest you change that to the helper written by the Samba team (and which understands the helper-protocol option) -- /kinkie -- This message was scanned by ESVA and is believed to be clean. Click here to report this message as spam. http://spam.emcc.edu/cgi-bin/learn-msg.cgi?id=5C81729E75.7C831
