Search squid archive

Problems with Squid 3 Authentication on Samba 4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I'm trying to authenticate the squid3 in Samba4. The part of Samba 4 authentication is OK, because with the commands wbinfo -i, getent passwd, klist, kinit is all right and I can  get  the expected results. Also on the command line can authenticate users (/usr /bin/ntlm_auth --username = DomainUser), however, when using the squid does not.

I have already followed several tutorials, including to authenticate to AD, as the Samba 4  is fully compatible with AD. Nothing works.

Follow my configuration file (squid.conf):


http_port 3128
visible_hostname proxy-server.meudominio.com.br
error_directory /usr/share/squid3/errors/Portuguese
error_default_language pt-br
coredump_dir /var/spool/squid3
cache_mem 756 MB
maximum_object_size_in_memory 128 kB
maximum_object_size 512 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
cache_dir ufs /var/spool/squid3 2048 16 256
cache_access_log /var/log/squid3/access.log
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
###########################################################################
######### user authentication #########
###########################################################################
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp 
auth_param ntlm children 30 
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic 
auth_param ntlm children 5
auth_param basic realm Squid-proxy-caching web server
auth_param basic credentialsttl 2 hours 
acl autenticados proxy_auth REQUIRED
# ACLS # 
#acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 70 563 70 210 280 488 59 591 777 901 1025-65535
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny !autenticados
http_access allow autenticados
acl redelocal src 192.168.0.0/22
http_access allow localhost
http_access allow redelocal
http_access deny all
###########################################################################
My /etc/hosts following below:
127.0.0.1 localhost
192.168.0.35 squid-server.mydomain.com.br squid-server

The  /etc/resolv.conf is:
domain mydomain.com.br
search mydomain.com.br
nameserver 192.168.0.5

I found that the Squid folder there is this file that does not know: msntauth.conf, with the following contents:

# Sample MSNT authenticator configuration file
# Antonino Iannella, Stellar-X Pty Ltd
# Sun Sep 2 15:52:31 CST 2001
# NT hosts to use. Best to put their IP addresses in /etc/hosts.
server my_PDC my_BDC my_NTdomain
server other_PDC other_BDC otherdomain
# Denied and allowed users. Comment these if not needed.
#denyusers /usr/local/squid/etc/msntauth.denyusers
#allowusers /usr/local/squid/etc/msntauth.allowusers

I'm using Debian 8 and Samba 4.1.17.

Do anybody have an idea?

Regards,

Márcio
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux