I can't get Squid to authenticate to Windows NT users. I have a system with Linux Fedora 1.0 (samba 3.0.0, squid 2.5 STABLE3). I've read Squid FAQ and Samba FAQ and I've done:
1. Configure Samba to join to my NT Domain with "net rpc join", then: # wbinfo -t checking the trust secret via RPC calls succeeded Also, "wbinfo -u" and "wbinfo -g" are fine and: # ntlm_auth --username=testuser --password=littlesecret NT_STATUS_OK: Success (0x0) # wbinfo -a mydomain+testuser%littlesecret plaintext password authentication succeeded challenge/response password authentication succeeded 2. Configure nsswitch and pam according to the Samba FAQ 3. Squid is working fine with IP source ACLs. In /etc/squid/squid.conf: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic acl domain_admins proxy_auth mydomain+testuser http_access allow domain_admins Squid is compiled according to: # /usr/sbin/squid -v Squid Cache: Version 2.5.STABLE3 configure options: --host=i386-redhat-linux --build=i386-redhat-linux --target=i386-redhat-linux-gnu --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man --infodir=/usr/share/info --exec_prefix=/usr --bindir=/usr/sbin --libexecdir=/usr/lib/squid --localstatedir=/var --sysconfdir=/etc/squid --enable-poll --enable-snmp --enable-removal-policies=heap,lru --enable-storeio=aufs,coss,diskd,null,ufs --enable-ssl --with-openssl=/usr/kerberos --enable-delay-pools --enable-linux-netfilter --with-pthreads --enable-basic-auth-helpers=LDAP,NCSA,PAM,SMB,SASL,MSNT --enable-ntlm-auth-helpers=SMB,winbind --enable-external-acl-helpers=ip_user,ldap_group,unix_group,wbinfo_group,win bind_group --enable-auth=basic,ntlm --with-winbind-auth-challenge --enable-useragent-log --enable-referer-log When I access from WinXP/IE 6.0 a dialog box pops up asking my user/password and I've tried: "mydomain+testuser", "testuser", "mydomain\testuser" and I always get "Cache Access Denied" :( I'll really appreciate some help. Thanks in advance. Regards, Freddy Chavez.
