Hi,
I've successfully configured a new proxy in my network with the following versions:
Linux RedHat 7.3 Squid 2.5 STABLE5 Samba 3.0.3
I've joined Samba to my AD root server and made Squid to authenticate throug it:
------------ smb.conf -----------------
[global]
workgroup = MYDOMAIN
realm = MYREALM
password server = MYROOTSERVER
security = ADS
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind use default domain = yes winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
template homedir = /home/%D/%U
log file = /var/log/samba/log.%m
winbind separator = \\
encrypt passwords = yes
------------ squid.conf -----------------
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 30
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 15 minutes
auth_param ntlm use_ntlm_negotiate on
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl AuthorizedUsers proxy_auth REQUIRE http_access allow all AuthorizedUsers
Now my users can authenticate to the proxy but in the access log I find the following values:
1085481771.956 310 MYIPADDRESS TCP_MISS/200 3368 GET http://www.google.it/ MYDOMAIN\encrypt%20passwords%20=%20noMYUSER DIRECT/66.102.9.104 text/html
where does that "encrypt%20passwords%20=%20yes" come from ?
How can I prevent that ?
Regards
Riccardo
_______________________________________
Connessione ed e-mail gratuita da 10 mb
consultabile tramite web e tramite pop.
www.infinito.it vieni a scoprire tutti i nostri servizi!
http://www.infinito.it/xmail
