[squid-users] You MUST specify at least one Domain Controller.You can use either \ or / as separator between the domain name

Ahmed Allzaeem ahmed.zaeem at netstream.ps
Fri Dec 19 23:13:28 UTC 2014 

HI amos , thanks for clarification , 
Actually I modified it with the correct samba path with ==> /usr/bin/ntlm_auth whereas I checked and found that helper !


So , my squid config  file to  :
=======
##Kerberos config for squid
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param ntlm children 10
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Domain Proxy Server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
authenticate_cache_garbage_interval 10 seconds
authenticate_ttl 0 seconds
acl lcl src 192.168.1.0/24
acl auth proxy_auth REQUIRED
http_access allow auth
====================



But I have an error below :
=======================
2014/12/19 08:11:00|   Took 0.00 seconds (  0.00 entries/sec).
FATAL: authenticateNTLMHandleReply: *** Unsupported helper response ***, 'ERR'

Squid Cache (Version 3.1.10): Terminated abnormally.
CPU Usage: 0.047 seconds = 0.022 user + 0.025 sys
Maximum Resident Size: 37904 KB
Page faults with physical i/o: 0
Memory usage for squid via mallinfo():
        total space in arena:    3192 KB
        Ordinary blocks:         3105 KB     15 blks
        Small blocks:               0 KB      0 blks
        Holding blocks:          1012 KB      4 blks
        Free Small blocks:          0 KB
        Free Ordinary blocks:      86 KB
        Total in use:            4117 KB 129%
        Total free:                86 KB 3%
2014/12/19 08:11:03| Starting Squid Cache version 3.1.10 for i386-redhat-linux-gnu...
2014/12/19 08:11:03| Process ID 7571
2014/12/19 08:11:03| With 1024 file descriptors available
2014/12/19 08:11:03| Initializing IP Cache...
2014/12/19 08:11:03| DNS Socket created at [::], FD 8
2014/12/19 08:11:03| DNS Socket created at 0.0.0.0, FD 9
2014/12/19 08:11:03| Adding nameserver 192.168.1.242 from /etc/resolv.conf
2014/12/19 08:11:03| Adding nameserver 199.85.126.20 from /etc/resolv.conf
2014/12/19 08:11:03| helperOpenServers: Starting 10/10 'ntlm_auth' processes
2014/12/19 08:11:03| helperOpenServers: Starting 5/5 'ntlm_auth' processes
2014/12/19 08:11:03| User-Agent logging is disabled.
2014/12/19 08:11:03| Referer logging is disabled.
2014/12/19 08:11:04| Unlinkd pipe opened on FD 44
2014/12/19 08:11:04| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2014/12/19 08:11:04| Store logging disabled
2014/12/19 08:11:04| Swap maxSize 0 + 262144 KB, estimated 20164 objects
2014/12/19 08:11:04| Target number of buckets: 1008
2014/12/19 08:11:04| Using 8192 Store buckets
2014/12/19 08:11:04| Max Mem  size: 262144 KB
2014/12/19 08:11:04| Max Mem  size: 262144 KB
2014/12/19 08:11:04| Max Swap size: 0 KB
2014/12/19 08:11:04| Using Least Load store dir selection
2014/12/19 08:11:04| Set Current Directory to /var/spool/squid
2014/12/19 08:11:04| Loaded Icons.
2014/12/19 08:11:04| Accepting  HTTP connections at [::]:3128, FD 45.
2014/12/19 08:11:04| HTCP Disabled.
2014/12/19 08:11:04| Squid plugin modules loaded: 0
2014/12/19 08:11:04| Adaptation support is off.
2014/12/19 08:11:04| Ready to serve requests.
2014/12/19 08:11:04| Adaptation support is off.
2014/12/19 08:11:04| Ready to serve requests.
2014/12/19 08:11:04| storeDirWriteCleanLogs: Starting...
2014/12/19 08:11:04|   Finished.  Wrote 0 entries.
2014/12/19 08:11:04|   Took 0.00 seconds (  0.00 entries/sec).
2014/12/19 08:11:04|   Took 0.00 seconds (  0.00 entries/sec).
FATAL: authenticateNTLMHandleReply: *** Unsupported helper response ***, 'ERR'

Squid Cache (Version 3.1.10): Terminated abnormally.
CPU Usage: 0.040 seconds = 0.027 user + 0.013 sys
Maximum Resident Size: 38976 KB
Page faults with physical i/o: 0
Memory usage for squid via mallinfo():
        total space in arena:    5120 KB
        Ordinary blocks:         4105 KB     13 blks
        Small blocks:               0 KB      0 blks
        Holding blocks:             0 KB      0 blks
        Free Small blocks:          0 KB
        Free Ordinary blocks:    1014 KB
        Total in use:            4105 KB 80%
        Total free:              1014 KB 20%
2014/12/19 08:11:07| Starting Squid Cache version 3.1.10 for i386-redhat-linux-gnu...
2014/12/19 08:11:07| Process ID 7589
2014/12/19 08:11:07| With 1024 file descriptors available
2014/12/19 08:11:07| Initializing IP Cache...
2014/12/19 08:11:07| DNS Socket created at [::], FD 8
2014/12/19 08:11:07| DNS Socket created at 0.0.0.0, FD 9
2014/12/19 08:11:07| Adding nameserver 192.168.1.242 from /etc/resolv.conf
2014/12/19 08:11:07| Adding nameserver 199.85.126.20 from /etc/resolv.conf
2014/12/19 08:11:07| helperOpenServers: Starting 10/10 'ntlm_auth' processes
2014/12/19 08:11:07| helperOpenServers: Starting 5/5 'ntlm_auth' processes
2014/12/19 08:11:07| User-Agent logging is disabled.
2014/12/19 08:11:07| Referer logging is disabled.
2014/12/19 08:11:07| Unlinkd pipe opened on FD 44
2014/12/19 08:11:07| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2014/12/19 08:11:07| Store logging disabled
2014/12/19 08:11:07| Swap maxSize 0 + 262144 KB, estimated 20164 objects
2014/12/19 08:11:07| Target number of buckets: 1008
2014/12/19 08:11:07| Using 8192 Store buckets
2014/12/19 08:11:07| Max Mem  size: 262144 KB
2014/12/19 08:11:07| Max Swap size: 0 KB
2014/12/19 08:11:07| Using Least Load store dir selection
2014/12/19 08:11:07| Set Current Directory to /var/spool/squid
2014/12/19 08:11:07| Loaded Icons.
2014/12/19 08:11:07| Accepting  HTTP connections at [::]:3128, FD 45.
2014/12/19 08:11:07| HTCP Disabled.
2014/12/19 08:11:07| Squid plugin modules loaded: 0
2014/12/19 08:11:07| Adaptation support is off.
2014/12/19 08:11:07| Ready to serve requests.
2014/12/19 08:11:08| storeLateRelease: released 0 objects
^C
==============================================

-----Original Message-----
From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of Amos Jeffries
Sent: Friday, December 19, 2014 5:01 AM
To: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] You MUST specify at least one Domain Controller.You can use either \ or / as separator between the domain name

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 20/12/2014 11:25 a.m., Ahmed Allzaeem wrote:
> Hi guys im trygint to use Kerberos authentication between squid & AD.
> 
> I have configured ntp  , dns , winbind , samba and also joinf the 
> squid to the AD domina
> 
> 
> 
> Now the issue I have is running squid
> 
> I added the following helpers below :
> 
> 
> 
> 
> #Kerberos config for squid
> 
> auth_param ntlm program /usr/lib/squid/ntlm_smb_lm_auth

This is *not* the Samba NTLM helper. This helper does not even perform NTLMv1. It performs LM protocol (used for authenticating against Windows 3.1 servers) using HTTP "NTLM" auth scheme headers.


> --helper-protocol=squid-2.5-basic

This is a command line parameter for the Samba ntlm_auth helper.

The samba helper still uses the name ntlm_auth. It is probably located in /usr/bin/ or /usr/local/bin/.

Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBAgAGBQJUlCGbAAoJELJo5wb/XPRj1awIAI0+646wnDRvjed2bSw7Cote
9tIBA0j7VLF0wcWx1HLpViLhatq2ep7S/isz0pkGwUgcX3w20f1sXfuM3MbdGYH6
Gh3lRCsOaXqRhIQY80pNjfQKs75oGn8Zelqlm3DmJjxCcFLOtj/5Du1CASquajJ5
26T11+HZ9EJ4rwG+LXN3nAXRjcoEGdIt09VmiCLGukHN1FvkFo7Ms0CR0i7urTYD
IQUI4uoObQJVq+vY9gJyzhyEdWJqvK9Q1fM7fUptCcaIGMhkM70Ue8RLu4YUWH82
GzXTf+Hdt7zfnyq0ALusvGOiXyQ3UFcYRfijBuhfEAjPd2Vr2F/7oCoGueieFb8=
=48pC
-----END PGP SIGNATURE-----
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

More information about the squid-users mailing list