LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 02-05-2007, 09:02 AM   #1
logicalfuzz
Member
 
Registered: Aug 2005
Distribution: Arch Linux
Posts: 291

Rep: Reputation: 39
Exclamation Transparent proxy with AD authentication


Hello,



My installation specs

CentOS 4.4:

squid 2.6.stable8

samba-3.0.10-1.4E.9



I am trying to authenticate squid users on Active Directory. I have setup Samba, Kerberos, Squid for this.

Joining the domain worked fine. Kinit command also authenticates without any errors.

I have these lines in my squid .conf file:

------<--------------->-----

auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 30
......

auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

........

acl authenticated_users proxy_auth REQUIRED
.......
http_access allow authenticated_users

------</--------------->-----



/var/run/winbindd (recursively) has the privileges "root:squid"



Inspite of this transparent authentication does not work.

"wbinfo -t" gives the following output:

------<--------------->-----

checking the trust secret via RPC calls failed
error code was NT_STATUS_NO_TRUST_SAM_ACCOUNT (0xc000018b)
Could not check secret

------</--------------->-----



This obviously indicates some problem.. but i am not able to figure out what.

Please advise. I would be glad to provide more details.
 
Old 02-06-2007, 08:25 PM   #2
gilead
Senior Member
 
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,123

Rep: Reputation: 162Reputation: 162
I'm not sure that it should work that way. According to the Squid FAQ, proxy authentication does not work with transparent proxying.
 
Old 02-07-2007, 07:40 AM   #3
logicalfuzz
Member
 
Registered: Aug 2005
Distribution: Arch Linux
Posts: 291

Original Poster
Rep: Reputation: 39
By transparent Proxy i mean that the IE does not challenge you for your User name/password unless your PC is not a member of the AD domain. I have already Implemented this on RHEL4 with squid v2.5 and it is working perfectly fine. Only same thing does not work here on CentOS.

This link could be referred for implementing this.

However it is not working for me as desired.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
About Transparent proxy shipon_97 Linux - Networking 1 04-19-2006 02:29 PM
transparent proxy mattsthe2 Linux - Networking 9 10-26-2005 08:44 AM
Transparent Proxy krock923 Linux - Networking 1 04-28-2005 06:43 PM
Transparent Proxy ilnli Linux - Networking 3 10-18-2004 06:01 PM
Transparent Proxy vinhhv Linux - Networking 0 07-23-2003 01:01 AM


All times are GMT -5. The time now is 01:20 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration