Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Distributions > Red Hat
User Name
Red Hat This forum is for the discussion of Red Hat Linux.


  Search this Thread
Old 10-21-2004, 07:18 AM   #1
LQ Newbie
Registered: Aug 2003
Distribution: RedHat 7.3
Posts: 6

Rep: Reputation: 0
Squid Authentication to Active Directory

Dear Penguins,

Is it possible to have a RedHat 9 Squid box that can authenticate it's user/password combination to Active directory without asking for user input?

At the moment I've successfully got Squid popping up the login box for

Is it possible for linux to check what user is currently logged onto our AD domain on that machine and authenticate them?

Also because we occasionaly need to ban internet usage for students (I work at a school) can a file be edited to disable internet usage, just like denyusers in msntauth.

Or am I dreaming?
Old 12-21-2009, 07:53 AM   #2
LQ Newbie
Registered: Dec 2009
Location: Johannesburg
Distribution: Centos 5.4
Posts: 7

Rep: Reputation: 0
Hello BuRnInICE

Yes this is possible.

make sure that winbind and smb is installed.

yum install smb - should do the tick. also you need some other rpms installed too:

yum install krb5-libs krb5-devel krb5-workstation krb5-server pam_krb5

run this command:

authconfig --enableshadow --enablemd5 --passalgo=md5 --krb5realm=EXAMPLE.COM --smbworkgroup=EXAMPLE.COM --enablewinbind --enablewinbindauth --smbsecurity=ads --smbrealm=EXAMPLE.COM --smbidmapuid="16777216-33554431" --smbidmapgid="16777216-33554431" --winbindseparator="+" --winbindtemplateshell="/bin/false" --enablewinbindusedefaultdomain --disablewinbindoffline --winbindjoin=Administrator --disablewins --disablecache --enablelocauthorize --updateall

This should ask you for a password, and when done should join the domain.

if there is any errors please post them will try and help where I can.

in your squid.conf:

auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 10
auth_param ntlm keep_alive on

acl AuthorizedUsers proxy_auth REQUIRED
http_access allow AuthorizedUsers

Add those lines under "INSERT YOUR OWN RULES HERE"

restart squid

I got this working on Centos 5, I dont know about Redhat 9.

Hope this helps.
Old 06-03-2011, 04:55 AM   #3
LQ Newbie
Registered: Jun 2011
Posts: 1

Rep: Reputation: Disabled
Smile Dear Thebomb

When I typed the correct domain password, it still has the error as below:

[root@proxy tmp]# authconfig --enableshadow --enablemd5 --passalgo=md5 --enablewinbind --enablewinbindauth --smbsecurity=ads --smbidmapuid="16777216-33554431" --smbidmapgid="16777216-33554431" --winbindseparator="+" --winbindtemplateshell="/bin/false" --enablewinbindusedefaultdomain --disablewinbindoffline --winbindjoin=administrator --disablewins --disablecache --enablelocauthorize --updateall
[/usr/bin/net join -w -S -U administrator]
administrator's password:
[2011/06/03 23:49:45, 0] libads/kerberos.c:ads_kinit_password(228)
kerberos_kinit_password administrator@YOURWORLD.COM failed: Preauthentication
Failed to join domain: Logon failure
ADS join did not work, falling back to RPC...
Could not connect to server
The username or password was not correct.
Could not connect to server
The username or password was not correct.
Connection failed: NT_STATUS_LOGON_FAILURE

Shutting down Winbind services: [ OK ]
Starting Winbind services: [ OK ]

Please help to advise.
Kind regard,


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Active Directory Authentication zenix SUSE / openSUSE 29 03-22-2007 10:00 AM
Active Directory authentication? cwhitmore Mandriva 3 03-09-2005 11:25 AM
active directory authentication mozilla Linux - Networking 2 02-21-2005 04:55 AM
Squid Authentication Active Directory BuRnInICE Linux - Networking 1 10-27-2004 08:02 AM
Squid authentication using Active Directory Groups will not work kepler Linux - Networking 1 05-25-2004 12:54 PM > Forums > Linux Forums > Linux - Distributions > Red Hat

All times are GMT -5. The time now is 05:50 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration