[squid-users] Testing Kerberos and LDAP connections

dolson at ihcrc.org dolson at ihcrc.org
Wed Jan 13 15:36:18 UTC 2016


Is there a way to test the following lines from my squid.conf file to make sure the connections are working correctly?

### negotiate kerberos and ntlm authentication
auth_param negotiate program /usr/local/bin/negotiate_wrapper -d --ntlm /usr/lib/squid3/ntlm_smb_lm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=IHCRC --kerberos /usr/lib/squid3/negotiate_kerberos_auth -d -s GSS_C_NO_NAME
auth_param negotiate children 10
auth_param negotiate keep_alive off

### pure ntlm authentication
auth_param ntlm program /usr/lib/squid3/ntlm_smb_lm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=IHCRC
auth_param ntlm children 10
auth_param ntlm keep_alive off

### provide basic authentication via ldap for clients not authenticated via kerberos/ntlm
auth_param basic program /usr/lib/squid3/basic_ldap_auth -R -b "dc=ihcrc,dc=org" -D squid at ihcrc.org -W /etc/squid3/ldappass.txt -f sAMAccountName=%s -h srv-dataserver2.ihcrc.org
auth_param basic children 10
auth_param basic realm Internet Proxy
auth_param basic credentialsttl 1 minute

When I run them at the command lines, minus the statements from Children down, I just get a huge print out of some man pages.  I'm trying to identify why I can't get AD authentication to work correctly on my Squid server, so I'm trying to test each area of the squid.conf file independently.

Thank you,

Dan Olson
Indian Health Care Resource Center
Network Support Specialist
Main: 918.588.1900 Ext. 2212
Direct: 918.382.1212
www.ihcrc.org<http://www.ihcrc.org>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160113/90213dc9/attachment-0001.html>


More information about the squid-users mailing list