Fwd: RE: [squid-users] ntlm authentication
dhana krishnan
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
as there isa no reply...posting again.plz help me
asap.
thanka a lot,
dhana
Note: forwarded message attached.
________________________________________________________________________
Everything you always wanted to know about cars and bikes,now
at: http://in.autos.yahoo.com/cricket/tracker.html
--0-2145350515-1022645831=:93717
Content-Type: message/rfc822
Content-Transfer-Encoding: 8bit
X-Apparently-To: dhan...@yahoo.co.in via web8101.in.yahoo.com; 28 May 2002 16:26:17 +0500 (IST)
X-Track: -20:1
Return-Path: <squid-users-return-16155-dhanseker=yahoo...@squid-cache.org>
Received: from squid-cache.org (206.168.0.9)
by mta103.mail.in.yahoo.com with SMTP; 28 May 2002 16:26:16 +0500 (IST)
Received: (qmail 74299 invoked by uid 1007); 28 May 2002 10:55:55 -0000
Mailing-List: contact squid-us...@squid-cache.org; run by ezmlm
Precedence: bulk
X-No-Archive: yes
List-Post: <mailto:squid...@squid-cache.org>
List-Help: <mailto:squid-us...@squid-cache.org>
List-Unsubscribe: <mailto:squid-users...@squid-cache.org>
List-Subscribe: <mailto:squid-user...@squid-cache.org>
Delivered-To: mailing list squid...@squid-cache.org
Received: (qmail 74287 invoked from network); 28 May 2002 10:55:54 -0000
Date: Tue, 28 May 2002 11:55:52 +0100 (BST)
From: =?iso-8859-1?q?dhana=20krishnan?= <dhan...@yahoo.co.in>
To: squid...@squid-cache.org
In-Reply-To: <AD112C8ABC61D511B88500902785FCE1026D56FD@HPSB31EX57>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Subject: RE: [squid-users] ntlm authentication
Content-Length: 506
Hello all,
Does squid NTLM works with WINNT4.0 domain controller?
if so, howto configure winnt domain controller to use
ntlm?
Thanks for any help.
dhana
> From: dhana krishnan
> To: squid...@squid-cache.org
> Sent: 5/28/02 1:55 PM
> Subject: [squid-users] ntlm authentication
>
> Hello all,
>
>
> I'm using NTLM authentication. I've installed and
> configured, but not able to authenticate WINNT
> users,
> but i was able to authenticate in samba server. I've
> tried with command line option, which results in BH
> Helper detected protocol error.
> Do I need to set any permission in WINNT server?
>
> squid-2.5PRE7 on RHlinux.
>
> Thanks in advance..
> -dhana
>
>
________________________________________________________________________
> Everything you always wanted to know about cars and
> bikes,now
> at: http://in.autos.yahoo.com/cricket/tracker.html
________________________________________________________________________
Everything you always wanted to know about cars and bikes,now
at: http://in.autos.yahoo.com/cricket/tracker.html
--0-2145350515-1022645831=:93717--
dhana krishnan
I'm using ntlm_auth on WINNT4.0 domain controller not
winbind. while trying to browse, only error results.
I'm getting following messages(errors) in cache.log.
ntlm-auth[672](ntlm_auth.c:277): managing request
ntlm-auth[672](ntlm_auth.c:283): ntlm authenticator.
Got 'YR' from Squid
ntlm-auth[672](ntlm_auth.c:232): obtain_challenge:
selecting DOMAIN\172.16.1.3 (attempt #1)
ntlm-auth[672](ntlm_auth.c:244): attempting challenge
retrieval
ntlm-auth[672](libntlmssp.c:119): Connecting to server
172.16.1.3 domain DOMAIN
ntlm-auth[672](libntlmssp.c:126): Couldn't connect to
SMB Server. Error:The attempt to call the remote
server failed. See protocol error info.
RFCNBE_CallRejCNNP: Call rejected. Called name
not present.
ntlm-auth[672](ntlm_auth.c:246): make_challenge
retuned (nil)
ntlm-auth[672](ntlm_auth.c:252): Marking DC as DEAD
ntlm-auth[672](ntlm_auth.c:255): moving on to next
controller
and in access.log ,i'm getting TCP_DENIED/407.
Don't know what may be the problem.
Thansk...
-dhana
--- Henrik Nordstrom <h...@marasystems.com> wrote: >
dhana krishnan wrote:
> > Does squid NTLM works with WINNT4.0 domain
> controller?
>
> Yes, NTLM needs a NT domain controller or server
> where to you want to
> authenticate..
>
> > if so, howto configure winnt domain controller to
> use ntlm?
>
> Nothing special needs to be configured on the NT
> side of things when using
> the SMB helper (ntlm_auth). If using winbind then
> you need to set up a
> workstation/server account for your winbind server..
> (see the Samba winbind
> installation instructions).
>
> Regards
> Henrik
Henrik Nordstrom
login servers.. It needs to know these by name.
Can you ping the servers by their netbios name? If not, add them to your
/etc/hosts file...
dhana krishnan
Thansk for your reply. I can able to ping.
I've already added netbios anme in /etc/hosts file.
But in squid.conf, when i added ip(domain
controller)as
auth_param ntlm program
/usr/local/squid/libexec/ntlm_auth
domainame/172.16.1.3
ntlm_auth won't works...same error in both log files
as in previous mail.
once when i added domaincontrollername instead of IP,
ntlm_auth works fine(able to access pages) with
following error in cache.log file.
auth_param ntlm program
/usr/local/squid/libexec/ntlm_auth
domainame/domaincontroller name
cache.log shows..
Reviving DC
ntlm-auth[772](ntlm_auth.c:244): attempting challenge
retrieval
ntlm-auth[772](libntlmssp.c:119): Connecting to server
172.16.1.3 domain DOMAIN
ntlm-auth[772](libntlmssp.c:126): Couldn't connect to
SMB Server. Error:The attempt to call the remote
server failed. See protocol error info.
RFCNBE_CallRejCNNP: Call rejected. Called name
not present.
ntlm-auth[772](ntlm_auth.c:246): make_challenge
retuned (nil)
ntlm-auth[772](ntlm_auth.c:252): Marking DC as DEAD
ntlm-auth[772](ntlm_auth.c:255): moving on to next
controller
ntlm-auth[823](ntlm_auth.c:232): obtain_challenge:
selecting DOMAIN\172.16.1.3 (attempt #1)
......
what may be wrong?
Thansk and Regards,
-dhana