Author Topic: squid ntlm authentication for nt domain  (Read 1091 times)

nenni

squid ntlm authentication for nt domain
« -: Feb 03, 2005, 12:41 »
Hello,
I have a problem with NTLM authentication of users from an NT domain. I think I have read quite a lot (apparently not enough, since I couldn't get it running myself); I am still missing something:

I have samba 3.0.10 installed
 ./configure --with-winbind
smb.conf:
[global]
   workgroup = mylan
   server string = Samba Server
   security = domain
   load printers = no
   log file = /usr/local/samba/var/log.%m
   max log size = 50
   password server = pdc
   winbind uid = 10000-20000
   winbind gid = 10000-20000
   winbind use default domain = yes
   winbind enum users = yes
   winbind enum groups = yes
   encrypt passwords = yes
   wins server = 10.0.0.1
   dns proxy = no
##
permissions:
drwxr-x---    2 root     squid     4096 Jan 31 15:26 winbindd_privileged

srwxrwxrwx    1 root     squid        0 Jan 31 15:26 pipe

proxy squid (squid-2.5.STABLE5-icap-6-pre3) compiled and configuration:
./configure --enable-auth="ntlm,basic" --enable-external-acl-helpers="wbinfo_group" --enable-icap-support
squid.conf:

auth_param ntlm program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 30
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

auth_param basic program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

acl Auth proxy_auth REQUIRED

http_access allow all Auth

error:
after starting:
./squid -N -d1
 and IE 6 sp2
it crashes:
FATAL: authenticateNTLMHandleReply: called with no result string

in the access.log:

1107254685.852      3 10.3.67.89 TCP_DENIED/407 1698 GET http://web/ - NONE/- text/html
1107254695.134      1 10.3.67.89 TCP_DENIED/407 1698 GET http://web/ - NONE/- text/html

in the cache.log:
2005/02/01 15:31:44| helperStatefulOpenServers: Starting 30 'ntlm_auth' processes
ntlm_auth: error opening config file /usr/local/samba/lib/smb.conf. Error was Invalid or incomplete multibyte or wide character
......

2005/02/01 15:31:48| helperOpenServers: Starting 5 'ntlm_auth' processes
ntlm_auth: error opening config file /usr/local/samba/lib/smb.conf. Error was Invalid or incomplete multibyte or wide character
###
squid is running as squid user, squid group

./wbinfo -t, -u, -g, -a user%password is ok and successful
/usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-basic
        mylan\myuser mypasswd                  
        OK

There is also something else related to winbindd.
./winbindd -i (from samba)

and after that ./wbinfo -t :
checking the trust secret via RPC calls succeeded
./wbinfo -g: (sometimes it works)
Error looking up domain groups
and in the
winbindd -i appears:
cli_pipe: return critical error. Error was Call timed out: server did not respond after 10000 milliseconds

other thing is /usr/local/samba/lib/smb.conf :
-rw-------    1 root     staff       10272 Feb  2 17:50 smb.conf,

Do I need to change the access permissions on the smb.conf file?

Because of the error in squid's cache.log, I also checked:
I tested my smb.conf with:
 ./testparm -s
Load smb config files from /usr/local/samba/lib/smb.conf
Processing section "[homes]"
Processing section "[printers]"
Loaded services file OK.
# Global parameters
[global]
        workgroup = MYLAN
        server string = Netmon
        security = DOMAIN
        password server = MYPDC
        log file = /usr/local/samba/var/log.%m
        max log size = 50
        load printers = No
        dns proxy = No
        wins server = 10.3.67.222
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        winbind use default domain = Yes
        hosts allow = 10.0.1., 10.0.2., 10.0.3., 10.0.4.

[homes]
        comment = Home Directories
        read only = No
        browseable = No

[printers]
        comment = All Printers
        path = /usr/spool/samba
        printable = Yes
        browseable = No

Does anyone have any suggestions?
10x
Logged
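
The post lists the permissions on smb.conf, the winbindd_privileged directory and its pipe, and says squid runs as user squid, group squid. As an added example (not part of the original post), this shell function evaluates those `ls -l` lines against that account using only the owner/group/other bits; `can_access` is a hypothetical helper, and it assumes the account has only that one group, is not root, and that no ACLs apply.

```shell
#!/bin/sh
# Added example (not from the post): evaluate `ls -l` lines against the
# account a helper runs as, using only classic owner/group/other bits.
# Assumptions: the account has exactly one group; no ACLs; not root.

# can_access USER GROUP LS_LINE  -> prints "yes" or "no"
#   regular file: needs read; directory: needs search (x);
#   socket: needs write (required to connect to a Unix socket).
can_access() {
    ca_user=$1
    ca_group=$2
    # Split the listing into fields: mode links owner group ...
    set -f
    set -- $3
    set +f
    ca_mode=$1
    ca_owner=$3
    ca_fgroup=$4
    # Pick the permission triplet that applies to this account.
    if [ "$ca_user" = "$ca_owner" ]; then
        ca_bits=$(printf '%s' "$ca_mode" | cut -c2-4)
    elif [ "$ca_group" = "$ca_fgroup" ]; then
        ca_bits=$(printf '%s' "$ca_mode" | cut -c5-7)
    else
        ca_bits=$(printf '%s' "$ca_mode" | cut -c8-10)
    fi
    # Which bit matters depends on the object type (first mode character).
    case $ca_mode in
        d*) ca_want='??[xst]' ;;
        s*) ca_want='?w?' ;;
        *)  ca_want='r??' ;;
    esac
    case $ca_bits in
        $ca_want) echo yes ;;
        *)        echo no ;;
    esac
}

# First three listings are quoted from the post; the last is a constructed
# variant of smb.conf with world-read permission, for comparison.
while IFS= read -r l; do
    printf '%-3s %s\n' "$(can_access squid squid "$l")" "$l"
done <<'EOF'
-rw-------    1 root     staff       10272 Feb  2 17:50 smb.conf
drwxr-x---    2 root     squid     4096 Jan 31 15:26 winbindd_privileged
srwxrwxrwx    1 root     squid        0 Jan 31 15:26 pipe
-rw-r--r--    1 root     staff       10272 Feb  2 17:50 smb.conf
EOF
```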
