Ok, #1 should be all set wbinfo -t -g -u all work correctly #2,3 should be all set (did not work so I went as far as making the squid user and squid group owner of the folder and all the children and assigning 777 for the permissions, just to make sure) #4 should be all set but things are still not working (same message), when I check the cache.log file it says "utils/ntlm_auth.c:get_winbind_domain(146) could not obtain the winbind domain name!", also I setup the proxy on my ibook and pointed firefox to the proxy it gives me the same error in the browser but it does not even ask me for any login info; I would expect the pc not to ask because it is a member of the domain but the I book should at least ask, the msad acl is the first one so it should be hitting that one first. Jeremy -----Original Message----- From: Henrik Nordstrom [mailto:henrik@xxxxxxxxxxxxxxxxxxx] Sent: Wednesday, March 19, 2008 8:59 PM To: Martin, Jeremy Cc: squid-users@xxxxxxxxxxxxxxx Subject: RE: ntlm_auth seems to have losts it mind On Wed, 2008-03-19 at 17:37 -0400, Martin, Jeremy wrote: > Does anyone know of a relevant guide that covers install samba and > squid3 and implementing msad authentication that utilizes ntlm? This > was much easier to do with the supplied rpms with redhat but the > versions supplied are old and out of date. Not much have changed. How to use Samba ntlm_auth is the same since Squid-2.5/Samba-3.0 days.. 1. Install Samba and join the domain. 2. Set up a suitable system group for winbind authentication, and chgrp the Samba privileged_pipe directory to this, with at least x permission for the group. 3. Make your cache_effective_user member of the above group. 4. Configure squid.conf as you have done. Regards Henrik -- This message was scanned by ESVA and is believed to be clean. Click here to report this message as spam. http://spam.emcc.edu/cgi-bin/learn-msg.cgi?id=5B53027F1E.60CF5
