- 论坛徽章:
- 0
|
本帖最后由 lisawangblog 于 2010-04-29 12:41 编辑
我的配置如下:
[root@ squid]# rpm -qa |grep samba
samba-common-3.0.33-3.14.el5
samba-3.0.33-3.14.el5
samba-swat-3.0.33-3.14.el5
samba-client-3.0.33-3.14.el5
system-config-samba-1.2.41-5.el5
[root@ squid]# rpm -qa |grep squid
squid-2.6.STABLE21-3.el5
[root@ squid]# wbinfo -g
BUILTIN\administrators
BUILTIN\users
domain computers
domain users
domain guests
group policy creator owners
enterprise admins
domain admins
domain controllers
schema admins
internet
[root@ squid]# wbinfo –u
blase00m
kobowmar
pauli00e
ottsebas
bruecksv
winklerr
jahnkari
brueckne
test
去掉cache_dir,http_port,http_reply_access allow all前面的#号
把#cache_effective_user nobody改成cache_effective_user squid
以上设置一切OK,下面在squid.conf加上: internet 这个组里的用户可以上网。
[root@ etc]# ntlm_auth --username=test
password:
NT_STATUS_OK: Success (0x0)
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 5
auth_param ntlm keep_alive on
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
external_acl_type NT_global_group %LOGIN /usr/local/squid/libexec/wbinfo_group.pl
acl ProxyUsers external NT_global_group internet
acl AuthenticatedUsers proxy_auth REQUIRED
http_access allow AuthenticatedUsers ProxyUsers
http_access deny all
问题出现了,我用域帐号登陆计算机,浏览网页时还会提示输入用户名及密码 验证。 输入正确的域帐号和密码后才能上INTERNET。而且不是internet这个组里的域帐号也能通过帐号和密码来上网。感觉那个组认证好像没有生效,有人碰到过这样的问题吗?我该怎么做? |
|