On Wed, 25 Aug 2004, Mrvka Andreas wrote:
i have suse linux 9.1 where squid3 is precompiled
Hmm.. I think I have to go and shoot someone at SuSE.. Squid3 is not yet released and way away from a production quality release. Having this included in a OS release is pure madness on the level of playing russian roulette.
but i dont get it running authenticating my users with active directory.
here my squid.conf: [...] auth_param basic program /usr/sbin/squid_ldap_auth -p 389 -u cn -R -b dc=subdomain,dc=domain,dc=com -D cn=administrator,cn=users,dc=subdomain,dc=domain,dc=com -w password -f cn=%s -h PDC
Any errors when you try this manually?
auth_param ntlm program /usr/sbin/ntlm_auth -b DOMAIN/PDC DOMAIN/BDC
Hmm.. this program should not be in /usr/sbin/. It should be in libexec/squid/ somewhere..
echo "user pass" | /usr/sbin/ntlm_auth -d DOMAIN\\PDC ntlm-auth[6099](ntlm_auth.c:188): Adding domain-controller DOMAIN\\PDC ntlm-auth[6099](ntlm_auth.c:461): options processed OK ntlm-auth[6099](ntlm_auth.c:285): managing request ntlm-auth[6099](ntlm_auth.c:291): ntlm authenticator. Got 'user pass' from Squid ntlm-auth[6099](ntlm_auth.c:441): sending 'BH Helper detected protocol error' to squid
This is correct. You can not test ntlm helpers manually as they expect NTLMSSP binary blobs as input, not usernames/passwords.
Regards Henrik
