Настроил squid 2.5 + samba 3.0.4:
auth_param ntlm program /usr/bin/ntlm_auth \ --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/bin/ntlm_auth \ --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours
acl AuthorizedUsers proxy_auth REQUIRED acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT
http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow AuthorizedUsers http_access allow localhost http_access deny all
IE работает нормально без проблем. Вот Mozilla и Opera выводят диалоговое окно ввода пароля и не хотят авторизоваться. В winbindd.дщп нахожу следующее (интересна последняя строчкка)
[2004/07/01 09:39:24, 6] nsswitch/winbindd.c:new_connection(343) accepted socket 20 [2004/07/01 09:39:24, 5] nsswitch/winbindd.c:winbind_client_read(465) read failed on sock 19, pid 29468: EOF [2004/07/01 09:39:24, 5] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(423) no domain specified with username (administrator) - failing auth [2004/07/01 09:39:24, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(612) NTLM CRAP authentication for user [(null)]\[administrator] returned NT_STATUS_NO_SUCH_USER (PAM: 10)
Как лечить?
