Transparent proxy with AD authentication
Hello,
My installation specs CentOS 4.4: squid 2.6.stable8 samba-3.0.10-1.4E.9 I am trying to authenticate squid users on Active Directory. I have setup Samba, Kerberos, Squid for this. Joining the domain worked fine. Kinit command also authenticates without any errors. I have these lines in my squid .conf file: ------<--------------->----- auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 30 ...... auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours auth_param basic casesensitive off ........ acl authenticated_users proxy_auth REQUIRED ....... http_access allow authenticated_users ------</--------------->----- /var/run/winbindd (recursively) has the privileges "root:squid" Inspite of this transparent authentication does not work. "wbinfo -t" gives the following output: ------<--------------->----- checking the trust secret via RPC calls failed error code was NT_STATUS_NO_TRUST_SAM_ACCOUNT (0xc000018b) Could not check secret ------</--------------->----- This obviously indicates some problem.. but i am not able to figure out what. Please advise. I would be glad to provide more details. |
I'm not sure that it should work that way. According to the Squid FAQ, proxy authentication does not work with transparent proxying.
|
By transparent Proxy i mean that the IE does not challenge you for your User name/password unless your PC is not a member of the AD domain. I have already Implemented this on RHEL4 with squid v2.5 and it is working perfectly fine. Only same thing does not work here on CentOS.
This link could be referred for implementing this. However it is not working for me as desired. |
All times are GMT -5. The time now is 09:21 PM. |