- 论坛徽章:
- 0
|
参
http://romexp.blog.163.com/blog/static/3610065200762614516829/
的文档
做下squid+AD认证
samba 工作正常
剩下的就是SQUID不正常
squid-3.0.STABLE6 + ntlm 编译安装
wbinfo -u 正常
- [root@test sbin]# ntlm_auth --username=administrator
- password:
- NT_STATUS_OK: Success (0x0)
复制代码
squid.conf
认证部分是
- auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
- auth_param ntlm children 5
- #auth_param ntlm max_challenge_reuses 0
- #auth_param ntlm max_challenge_lifetime 2 minutes
-
- auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
- auth_param basic children 5
- auth_param basic realm Squid proxy-caching web server
- auth_param basic credentialsttl 5 hours
-
- acl NTLMUsers proxy_auth REQUIRED
- http_access allow all NTLMUsers
复制代码
故障是要输入用户名及密码,但输入正确都提不不对
出了什么问题呢?
查log
- [2008/05/29 21:07:19, 0] utils/ntlm_auth.c:winbind_pw_check(427)
- Login for user [ITA]\[suzhan]@[ITA] failed due to [winbind client not authorized to use winbindd_pam_auth_crap. Ensure permissions on /var/cache/samba/winbindd_privileged are set correctly.]
- 2008/05/29 21:07:19| authenticateNTLMHandleReply: Error validating user via NTLM. Error returned 'BH NT_STATUS_ACCESS_DENIED'
- [2008/05/29 21:07:19, 0] utils/ntlm_auth.c:manage_squid_ntlmssp_request(601)
- NTLMSSP BH: NT_STATUS_ACCESS_DENIED
- [2008/05/29 21:07:20, 0] utils/ntlm_auth.c:winbind_pw_check(427)
- Login for user [ITA]\[suzhan]@[ITA] failed due to [winbind client not authorized to use winbindd_pam_auth_crap. Ensure permissions on /var/cache/samba/winbindd_privileged are set correctly.]
- 2008/05/29 21:07:20| authenticateNTLMHandleReply: Error validating user via NTLM. Error returned 'BH NT_STATUS_ACCESS_DENIED'
- [2008/05/29 21:07:20, 0] utils/ntlm_auth.c:manage_squid_ntlmssp_request(601)
- NTLMSSP BH: NT_STATUS_ACCESS_DENIED
复制代码 |
|