+ Post New Thread
Results 1 to 8 of 8
*nix Thread, Squid and NTLM in Technical; I have an issue with a new Squid box I'm setting up. I have set up the settings per all ...
  1. #1

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,631
    Thank Post
    514
    Thanked 2,442 Times in 1,890 Posts
    Blog Entries
    24
    Rep Power
    831

    Squid and NTLM

    I have an issue with a new Squid box I'm setting up. I have set up the settings per all the various advice threads on here and across the web. Namely, pretty much the same as NTLM auth squid

    However, I have the same problem that that thread indicates...

    ie. I get messages saying 'Login for user [SCH4290\username]@[ITS] failed due to [winbind client not authorized to use winbindd_pam_auth_crap. Ensure permissions on /var/run/samba/winbindd_privileged are set correctly.]'

    Where am I going wrong?

  2. #2

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    Code:
    chown root:squid /var/cache/samba/winbindd_privileged
    chmod 750 /var/cache/samba/winbindd_privileged

  3. #3

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,631
    Thank Post
    514
    Thanked 2,442 Times in 1,890 Posts
    Blog Entries
    24
    Rep Power
    831
    winbindd_privileged is not in /var/cache/samba, it is in /var/run/samba/.

    So, changing any group/permission settings on it is pointless, as a restart resets them back again to the Ubuntu defaults.

    Although, running it when the server is on does make it work (ie. setting the perms for the directory as you say).

  4. #4

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,631
    Thank Post
    514
    Thanked 2,442 Times in 1,890 Posts
    Blog Entries
    24
    Rep Power
    831
    Update, i've edited /etc/init.d/winbind to chown root:squid instead of chgrp winbindd_priv

    Thanks geoff.

  5. #5

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

  6. #6

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,631
    Thank Post
    514
    Thanked 2,442 Times in 1,890 Posts
    Blog Entries
    24
    Rep Power
    831
    Indeed, and that page doesn't actually list a solution - as the one involving the group winbindd_priv doesn't actually work.

    I think I'll stick with what now works

  7. #7
    joe90bass's Avatar
    Join Date
    Oct 2007
    Location
    S Wales
    Posts
    1,349
    Thank Post
    322
    Thanked 107 Times in 96 Posts
    Rep Power
    50
    Quote Originally Posted by localzuk View Post
    Update, i've edited /etc/init.d/winbind to chown root:squid instead of chgrp winbindd_priv

    Thanks geoff.
    Hi Localz,
    I'm having the same issue an Google leads me to your post! What did you put exactly? My Linux knowledge is a bit vague! I'm guessing you're on about this part:
    mkdir -p /var/run/samba/winbindd_privileged || return 1
    chgrp winbindd_priv $PIDDIR/winbindd_privileged/ || return 1
    chmod 0750 $PIDDIR/winbindd_privileged/ || return 1
    start-stop-daemon --start --quiet --oknodo --exec $DAEMON -- $WINBINDD_OPTS
    Cheers

  8. #8
    joe90bass's Avatar
    Join Date
    Oct 2007
    Location
    S Wales
    Posts
    1,349
    Thank Post
    322
    Thanked 107 Times in 96 Posts
    Rep Power
    50
    After searching google and reading above I solved my issue by adding the proxy user to the winbindd_priv group using webmin

SHARE:
+ Post New Thread

Similar Threads

  1. SSO NTLM RADIUS???
    By PWright in forum Wireless Networks
    Replies: 0
    Last Post: 3rd March 2009, 11:52 AM
  2. Joomla and NTLM
    By apeo in forum Web Development
    Replies: 2
    Last Post: 3rd March 2009, 08:19 AM
  3. Squid NTLM passthrough to parent ISA
    By _Jo_ in forum *nix
    Replies: 19
    Last Post: 12th November 2008, 05:25 PM
  4. NTLM auth squid
    By Jackd in forum *nix
    Replies: 10
    Last Post: 21st April 2008, 09:33 AM
  5. Replies: 6
    Last Post: 27th February 2007, 08:00 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •