Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
10-01-2002, 12:19 PM
|
#1
|
LQ Newbie
Registered: Dec 2000
Location: Derbys, UK
Distribution: RedHat, Slackware
Posts: 29
Rep:
|
Squid and NTLM authorisation
Hi all
I've got 2 issues here, both to do with Squid proxy/cache service. I'm desperately trying to find a replacement for our naff solution we have at the moment (we being a school in the UK).
I've essentially got squid to run ok, and its great so far. However, what I'm really interested in is the authentication side of it. Now I'm nor sure whether I'm getting this wrong, but I should be able to set it up so that users of the proxy have to be authenticated first, via our existing Windoze domain. Yeah?
I've tried compiling the contents of squidfolder/src/auth/ntlm (to make the ntlm_auth) but all I get is "Nothing to do for all... etc etc" and nothing is compiled. I downloaded the latest stable release (squid-2.5.STABLE1.tar.gz).
Anyone got this to work? Or even tried come to that...
My second question, and this is why I really want to get it to work, is this : am I right that with authentication in use, the username will be recorded in the access.log file as well as or instead of the IP address?
Any help obviously much appreciated - or if theres another way to achieve what I'm after....
Cheers,
Dave
|
|
|
10-01-2002, 02:27 PM
|
#2
|
LQ Addict
Registered: Dec 2001
Location: Brooklyn, NY
Distribution: *NIX
Posts: 3,704
Rep:
|
Are you trying as well nertwork together linux side and windows side to have common shares? What I mean - are you trying to access shares on windos side from linux as well? You might consider SAMBA with swatch as well. Check out http://freshmeat.net/projects/swatch...43%2C862%2C152
and http://www.samba.org
|
|
|
10-01-2002, 04:04 PM
|
#3
|
LQ Newbie
Registered: Dec 2000
Location: Derbys, UK
Distribution: RedHat, Slackware
Posts: 29
Original Poster
Rep:
|
Cheers for the reply - thats not quite what I'm trying to do, tho I shall certainly check it out anyway
It is basically an all windows network (I didn't know any better at the time)
What I want to do is have the web proxy (Slackware with Squid) only allow authorised users to access the web. Preferably the authorisation would come from the domain controller for our domain by using the ntlm_auth addon for squid; I've read this uses the samba client utils which I have installed and working fine.
There is a bit of documentation on authorisation schemes on www.squid-cache.org, but unfortunately the bit about using ntlm is missing (tho a "thanks to the samba team" message is there, so my guess is it works).
The main problem is getting the ntlm_auth file, which is optional with squid, to compile and install.
Cheers
|
|
|
10-01-2002, 05:36 PM
|
#4
|
LQ Addict
Registered: Dec 2001
Location: Brooklyn, NY
Distribution: *NIX
Posts: 3,704
Rep:
|
I see, I am still researching the issue, and look what I hit when I browsed over to freshmeat.net
http://freshmeat.net/releases/98881/
Take a look, see if you can benefit from it.
|
|
|
10-11-2002, 11:51 AM
|
#5
|
LQ Newbie
Registered: Dec 2000
Location: Derbys, UK
Distribution: RedHat, Slackware
Posts: 29
Original Poster
Rep:
|
Solution...?
Hi
Taken me some time to reply - sorry
The NTLM Lib thing looks interesting, but unfortunately I'm not a programmer really, especially when it comes to linux. Got a copy tho and it might come in handy later...
Thought I should add something to the thread about what I've done, for anyone else searching the forums
I've realised that there have been some changes in teh way squid does proxy authentication over the last few releases. This means that a lot of the documentation I've been looking at isn't quite right. Even the .conf file has info in it that doesn't seem right. (On the bright side, you wouldn't believe how much I've discovered  )
To compile the NTLM addons you have to specify compile options when you compile squid - and not compile them seperately ( ./configure --help to list the options....)
The down side.... I still can't get it to work!
As its a new problem, I shall start a new thread
|
|
|
10-24-2002, 04:19 AM
|
#6
|
LQ Newbie
Registered: Oct 2002
Posts: 1
Rep:
|
Hello,
I'm using squid-2.5.PRE12 which is working fine on Redhat7.2. I'm authenticating users in the NT domain (ntlm).
I've tried upgrading to Squid2.5.stable1 - but it doesn't work - complains of "AuthenticateHandleReply". I'm now back on the pre-release.
The pre-release seems very stable - running for 2months now.
|
|
|
11-11-2002, 02:27 PM
|
#7
|
LQ Newbie
Registered: Nov 2002
Distribution: various
Posts: 1
Rep:
|
I ran into the same problem with the latest Squid stable. Here was my solution:
configure --enable-auth="ntlm basic"
Seems to work fine now.
Regards,
Scott
|
|
|
All times are GMT -5. The time now is 10:24 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|