Tugger the SLUGger!SLUG Mailing List Archives

Re: [SLUG] squid authentication with winbind.


On Fri, 30 May 2003 12:18 pm, James Gray wrote:
> On Fri, 30 May 2003 11:51 am, Gareth Walters wrote:
> > ----- Original Message -----
> > From: "James Gray" <james@xxxxxxxxxxxxxxxx>
> > To: "Gareth Walters" <garethw@xxxxxxxxxxxxxxxxxxxxx>
> > Sent: Friday, May 30, 2003 10:57 AM
> > Subject: Re: [SLUG] squid authentication with winbind.
> >
> > > Yeh it took me 3 days (on and off) to get squid+winbind
> > > (authenticating to a Win2K in^H^HActive Directory) working on
> > > FreeBSD.  You ask if there is any additional testing you can do. 
> > > Here are my suggestions:
> >
> > Thanks James
> >
> > > 1. Did you test the "wb_auth" helper as described in the URL you gave
> > > in your original message? What was the result?  (FAQ-23: Section
> > > 23.5, scroll down to "Configure Squid" and just below that is "Test
> > > the helpers"). Remember "wb_auth" is a squid helper whereas "wbinfo"
> > > is a SAMBA component...dont confuse the two ;)  If wb_auth doesn't
> > > exist, you need to compile squid with winbind options.
> >
> > Hmm I think you found something, wb_auth only gives this output
> > ]#wb_auth -d
> > /wb_auth[17721](wb_basic_auth.c:168): basic winbindd auth helper build
> > May 29 2003, 15:45:56 starting up...
> > mydomain\myuser mypassword"
> > /wb_auth[17721](wb_basic_auth.c:129): Got ''"' from squid (length:25).
> >
> > and it ends there nothing else
>
> Hmmm. Looks like wb_auth might not be compiled properly (maybe?).  I'm
> assuming the " after the 'mypassword' was a typo.
>
> A light bulb just came on for me: is winbindd and nmbd running when you
> tried using "wb_auth"??  I remember having problems authnticating when I
> started out but realised the underlying daemons weren't runing (forehead
> slap).  Just a thought.

I know - replying to your own messages is kinda dumb but I thought a 
cut-and-paste of what is actually running on my fBSD proxy might be useful 
:)


Here is a working authentication (Squid 2.5STABLE1 on FreeBSD 4.7)

> wb_auth -d
/wb_auth[79247](wb_basic_auth.c:168): basic winbindd auth helper build Nov 
20 2002, 14:18:44 starting up...
domain\userid passowrd
/wb_auth[79247](wb_basic_auth.c:129): Got 'ocs\jgray Gumb00t' from squid 
(length: 17).
/wb_auth[79247](wb_basic_auth.c:55): winbindd result: 0
/wb_auth[79247](wb_basic_auth.c:58): sending 'OK' to squid
OK
^C

And here are the relevant daemons:
> ps -ax|egrep "winbind|mbd"
  128  ??  Ss    10:05.07 /usr/local/sbin/nmbd
  130  ??  Ss     6:51.01 /usr/local/sbin/winbindd

HTH

--James
__________________________
A random quote of nothing:

For years a secret shame destroyed my peace--
I'd not read Eliot, Auden or MacNiece.
But now I think a thought that brings me hope:
Neither had Chaucer, Shakespeare, Milton, Pope.
		-- Justin Richardson.