+ Post New Thread
Results 1 to 7 of 7
*nix Thread, Squid Ubuntu 8.04 LTS in Technical; We needs to rebuild our aging squid server and came accross this alternate way to bind with AD HOWTO: Active ...
  1. #1
    monkeyx's Avatar
    Join Date
    Nov 2006
    Posts
    365
    Thank Post
    8
    Thanked 52 Times in 41 Posts
    Rep Power
    26

    Squid Ubuntu 8.04 LTS

    We needs to rebuild our aging squid server and came accross this alternate way to bind with AD

    HOWTO: Active Directory authentication in Ubuntu 8.04 and 8.10 The eternal fight between admins and computers

    Anyone tried this?

  2. Thanks to monkeyx from:

    dhicks (18th June 2009)

  3. #2

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,772
    Thank Post
    1,308
    Thanked 804 Times in 698 Posts
    Rep Power
    247
    Quote Originally Posted by monkeyx View Post
    Anyone tried this?
    Nope, but I'm planning to now!

    --
    David Hicks

  4. #3
    monkeyx's Avatar
    Join Date
    Nov 2006
    Posts
    365
    Thank Post
    8
    Thanked 52 Times in 41 Posts
    Rep Power
    26
    Not sure whether to try it. Our existing server uses samba and winbind and has been rock solid. Main reason for upgrading is make an openVZ template machine on a newer version of Ubuntu.

    It looks like openwise may be less robust and article does not say how well it scales.

    Any other views on this?

  5. #4
    ind1ekid's Avatar
    Join Date
    Jul 2008
    Location
    Nottinghamshire
    Posts
    82
    Thank Post
    6
    Thanked 16 Times in 13 Posts
    Rep Power
    16
    I remember seeing this a while back on the ubuntu help page;
    https://help.ubuntu.com/8.04/serverg...wise-open.html
    I cant remember what put me off going this route, but i didnt use it.

    I setup a new squid box yesterday on 9.04 using the trusty winbind/samba method, and it takes no time at all, plus like you say its rock solid!

  6. #5
    monkeyx's Avatar
    Join Date
    Nov 2006
    Posts
    365
    Thank Post
    8
    Thanked 52 Times in 41 Posts
    Rep Power
    26
    Is is still necessary to create an init.d script to work around the winbindd AD logging issues? We will be using 8.04 LTS rather 9.04 any major differences for squid between 8.04 and 9.04?

    Tim

  7. #6
    ind1ekid's Avatar
    Join Date
    Jul 2008
    Location
    Nottinghamshire
    Posts
    82
    Thank Post
    6
    Thanked 16 Times in 13 Posts
    Rep Power
    16
    Quote Originally Posted by monkeyx View Post
    Is is still necessary to create an init.d script to work around the winbindd AD logging issues? We will be using 8.04 LTS rather 9.04 any major differences for squid between 8.04 and 9.04?

    Tim
    Winbind/AD logging issue? Ive not come across that one, i can check into it if you can point me in the right direction though As for major differences, there doesnt seem to be any noticable ones, ive only had it running since the back of last week but all is well up to now! Ive still got the old box set up still just in case!!

  8. #7
    monkeyx's Avatar
    Join Date
    Nov 2006
    Posts
    365
    Thank Post
    8
    Thanked 52 Times in 41 Posts
    Rep Power
    26
    This is a very dry description of what to do as running around a bit today! :-

    This fixes a permissions issues wthat stops AD logging
    Code:
    chown root:proxy /var/run/samba/winbindd_privileged
    chmod 750 /var/run/samba/winbindd_privileged
    To fix it on a reboot
    vi /etc/init.d/winbind_priv.sh
    Code:
    #!/bin/sh
    #set -x
    WINBINDD_PRIVILEGED=/var/run/samba/winbindd_privileged
    
    chmodgrp() {
        chgrp proxy $WINBINDD_PRIVILEGED || return 1
    }
    
    case "$1" in
        start)
            chmodgrp
            ;;
        restart|reload|force-reload)
            echo "Error: argument '$1' not supported" >&2
            exit 3
            ;;
        stop)
            ;;
        *)
            echo "Usage: $0 start|stop" >&2
            exit 3
            ;;
    esac
    #EOF
    Then update the init system with
    update-rc.d winbind_priv.sh start 21 2 3 4 5 .

    So the answer is yes, still need to do this on latest LTS version of Ubuntu server.



SHARE:
+ Post New Thread

Similar Threads

  1. [Ubuntu] Squid and NTLM
    By localzuk in forum *nix
    Replies: 7
    Last Post: 28th July 2010, 08:09 PM
  2. Replies: 9
    Last Post: 25th March 2008, 07:13 PM
  3. Squid Transparent
    By Jackd in forum *nix
    Replies: 5
    Last Post: 10th October 2007, 03:12 PM
  4. Squid authentication
    By localzuk in forum *nix
    Replies: 21
    Last Post: 14th February 2007, 09:08 AM
  5. Squid and RM proxies
    By HodgeHi in forum Wireless Networks
    Replies: 6
    Last Post: 1st November 2006, 12:02 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •