RE: [squid-users] smb_auth not working yet

From: Andrew Loughnan <andrewl@dont-contact.us>
Date: Wed, 30 Jan 2002 10:55:28 +1100

Yes here is the Debug it's the same as you got, but it works going the other way from Windows to Internet anyway

smb_auth -W DOMAIN -U xxx.xxx.xxx.xxx -d
ntusername xxxxxxxx
Domain name: DOMAIN
Pass-through authentication: no
Query address options: -U xxx.xxx.xxx.xxx -R
Domain controller IP address: xxx.xxx.xxx.xxx
Domain controller NETBIOS name: SERVER
Contents of //SERVER/NETLOGON/proxyauth:
ERR

Andrew Loughnan, MCP
Computer Services Manager
St Josephs College
135 Aphrasia St
Geelong, Victoria Australia
3220
Ph +61 3 5226-8100
DD +61 3 5226-8165
Fax +61 3 5221-6983
E-mail: <mailto:andrewl@sjc.vic.edu.au>
<http://www.sjc.vic.edu.au>

-----Original Message-----
From: Eric Engen [mailto:eengen@esu10.org]
Sent: Wednesday, 30 January 2002 10:11 AM
To: squid-users@squid-cache.org
Subject: RE: [squid-users] smb_auth not working yet

Thanks for the reply. I am VERY CLOSE to getting it right! I can feel it!

The lines you sent me were from your squid.conf, right?

I'm only trying to test authentication from the command line right now,
before I try to run it in squid. If you go to the directory containing
smb_auth (for me, it is /usr/local/squid2/libexec/squid/) and type

smb_auth -W DOMAIN -U xx.xx.xx.xx -d <-- the "-d" is for debug

then on the next line, type

username ntpassword

Does it give you an OK, or an ERR?

I keep getting the ERR, even though I am typing in the correct passwords,
and I have the file "proxyauth" added to my NETLOGIN directory on my NT
machine.

Are there any issues with uppercase/lowercase?

-----Original Message-----
From: Andrew Loughnan [mailto:andrewl@sjc.vic.edu.au]
Sent: Tuesday, January 29, 2002 4:59 PM
To: Eric Engen; squid-users@squid-cache.org
Subject: RE: [squid-users] smb_auth not working yet

This is how I have it setup and it works fine

authenticate_program /usr/bin/smb_auth -W DOMAIN -U xx.xx.xx.xx
authenticate_children 8
acl localnet proxy_auth REQUIRED
http_access allow localnet
proxy_auth_realm Insert Your Network Logon Details

Andrew Loughnan, MCP
Computer Services Manager
St Josephs College
135 Aphrasia St
Geelong, Victoria Australia
3220
Ph +61 3 5226-8100
DD +61 3 5226-8165
Fax +61 3 5221-6983
E-mail: <mailto:andrewl@sjc.vic.edu.au>
<http://www.sjc.vic.edu.au>

-----Original Message-----
From: Eric Engen [mailto:eengen@esu10.org]
Sent: Wednesday, 30 January 2002 9:39 AM
To: squid-users@squid-cache.org
Subject: RE: [squid-users] smb_auth not working yet

OK, now I'm getting somewhere. I had the domain name wrong.

The output is now as follows:

./smb_auth -W domain -U xxx.xxx.xxx.xxx -d
ntusername xxxxxxxx
Domain name: domain
Pass-through authentication: no
Query address options: -U xxx.xxx.xxx.xxx -R
Domain controller IP address: xxx.xxx.xxx.xxx
Domain controller NETBIOS name: SERVER
Contents of //SERVER/NETLOGON/proxyauth:
ERR

I did make a file called proxyauth with the word "allow" in it (no quotes)
and placed it in the right place. But I still get the ERR response. The
sharing permissions for the directory containing proxyauth are EVERYONE
Read.
Why am I still getting ERR?

-----Original Message-----
From: Alceu Rodrigues de Freitas Junior
[mailto:alceu.rodrigues@wws.com.br]
Sent: Tuesday, January 29, 2002 4:54 PM
To: Eric Engen
Subject: RE: [squid-users] smb_auth not working yet

yes. you should check the exactly procedure at Squid websites. type
smb_auth in the search box. this should make it.

but first you need the authentification to work. put the domain name AND
the IP from de PDC.

On Tue, 29 Jan 2002, Eric Engen wrote:

> Doesn't the -U in smb_auth specify the IP number of the PDC? That's what I
> put in place of the xxx.xxx.xxx.xxx.
>
> In the command ./smb_auth -W ntserver, I actually put "ntserver", which is
> defined in my lmhosts file and in my /etc/hosts file. Should this be
> something different?
>
> Is there any preparation or configuration that must be done to the PDC in
> order for smb_auth to work?
>
> -----Original Message-----
> From: Alceu Rodrigues de Freitas Junior
> [mailto:alceu.rodrigues@wws.com.br]
> Sent: Tuesday, January 29, 2002 1:52 PM
> To: Eric Engen
> Subject: RE: [squid-users] smb_auth not working yet
>
>
> Try to find the IP number of the PDC and put it in the command to test.
> Seems to be that the PDC is not responding.
>
> On Tue, 29 Jan 2002, Eric Engen wrote:
>
> > OK, I made the link. Now I get a different message. What does this mean?
> >
> > ../smb_auth -W ntserver -d
> > ntusername xxxxxxxx
> > Domain name: ntserver
> > Pass-through authentication: no
> > Query address options:
> > Domain controller IP address:
> > ERR
> >
> > ../smb_auth -W ntserver -U xxx.xxx.xxx.xxx -d
> > ntusername xxxxxxxx
> > Domain name: ntserver
> > Pass-through authentication: no
> > Query address options: -U xxx.xxx.xxx.xxx -R
> > Domain controller IP address:
> > ERR
> >
> >
> > -----Original Message-----
> > From: Shalkebaev,AntonMSCAG [mailto:ShalkebaevA@msc.xm.mitsui.co.jp]
> > Sent: Tuesday, January 29, 2002 10:05 AM
> > To: 'Eric Engen'
> > Subject: RE: [squid-users] smb_auth not working yet
> >
> >
> > Try to find nmblookup, and make link
> >
> > On Tuesday, January 29, 2002 6:27 PM, Eric Engen [SMTP:eengen@esu10.org]
> > wrote:
> > > I configured Squid 2.4 STABLE3 to use smb_auth by typing
> > > ./configure --prefix=/usr/local/squid2 --enable-auth-modules=SMB
> > > then ran make, then make install. All seemed OK.
> > >
> > > Then I went to the auth_modules/SMB, and ran make and make install
> > > but when I test it on a command line by typing
> > > smb_auth -w domain -d
> > > testuser1 xxxxxxxx
> > >
> > > I get the following message:
> > > /usr/local/squid2/libexec/squid/smb_auth.sh:
> > /usr/local/samba/bin/nmblookup:
> > > No such file or directory
> > > Domain controller IP address:
> > > ERR
> > >
> > > I have installed Samba-2.2.2 using an RPM for redhat6.2, but it
doesn't
> > put
> > > anything in /usr/local/samba.
> > >
> > > Can anyone tell me what to try now?
> > >
> > > Thanks.
> > >
> > > Eric Engen
> > > Platte Valley Academy
> > > Shelton, Nebraska
> > > http://www.plattevalley.org
> >
> >
> > .
> >
>
> --
> Go away or I'll replace you with a very short shell script.
>
>
>
> .
>

--
Go away or I'll replace you with a very short shell script.
Received on Tue Jan 29 2002 - 16:56:05 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:59 MST