Avinash Rao wrote:
> Thanks for the quick response.
> And, yes i will install squid using apt-get install command.
> The basic winbindd functionality "wbinfo -t": is not successful
>
> wbinfo -t
> checking the trust secret via RPC calls failed
> error code was NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc0000233)
> Could not check secret
>
> Even, wbinfo -a mydomain\\myuser%mypasswd is unsuccessful
>
> Wondering how i should proceed without this?
Start by continuing to include the mailing list in your replies please.
I'm far from expert (or even beginner) with this. The real experts are
lurking on the mailing list somewhere.
Amos
>
>
> On Mon, Aug 17, 2009 at 1:15 PM, Amos Jeffries<squid3_at_treenet.co.nz> wrote:
>> [re-inserting squid-users mailing list]
>>
>> Avinash Rao wrote:
>>>
>>> On Mon, Aug 17, 2009 at 11:30 AM, Amos Jeffries <squid3_at_treenet.co.nz
>>> <mailto:squid3_at_treenet.co.nz>> wrote:
>>>
>>> Avinash Rao wrote:
>>>
>>> Dear all,
>>>
>>> I am new here and i would like to know the correct procedure for
>>> compiling squid to integrate with samba.
>>> I am doing this on a Ubuntu 8.04 Server 64-bit edition and i
>>> have all
>>> the updates installed. Infact, i have installed samba through
>>> apt-get
>>> install and is configured as a PDC.
>>>
>>> dpkg -l | grep samba
>>> ii samba 3.0.28a-1ubuntu4.8 a LanManager-like file and
>>> printer server fo
>>> ii samba-common 3.0.28a-1ubuntu4.8 Samba common files used
>>> by both
>>> the server a
>>>
>>> I am in need of controlling internet access for samba domain users
>>> through squid. I read the documentation and it says Squid must be
>>> built with the configure options:
>>>
>>> --enable-auth="ntlm,basic"
>>> --enable-basic-auth-helpers="
>>> winbind"
>>> --enable-ntlm-auth-helpers="winbind"
>>>
>>> According to the documentation,
>>> --------
>>> Samba 3.x
>>> ---------
>>> Things are much easier under the 3.x versions of Samba. Smbd is no
>>> longer required to manage the machine's trust account, and there
>>> is
>>> no need to patch any utilities.
>>> The Samba team has incorporated functionality to change the machine
>>> trust account password in the new "net" command. A simple daily
>>> cron
>>> job scheduling "net rpc changetrustpw" is all that is needed.
>>>
>>>
>>> I went through the squid documentation and the configure options
>>> are
>>> vast. All i want is normal squid operations but with samba
>>> integration. Do I have to specify other options for normal squid
>>> operations?? What is the correct procedure and which version of
>>> squid
>>> suits well for the version of samba i am using? I have used
>>> squid but
>>> never compiled. My requirement with samba is PDC, winxp clients,
>>> users home directories are mapped as they login to the domain, a
>>> common share for all users and a printer if needed.
>>>
>>> Many Thanks,
>>> Avinash
>>>
>>>
>>> This covers the NTLM auth via Samba requirements.
>>> http://wiki.squid-cache.org/ConfigExamples/Authenticate/Ntlm
>>>
>>> This covers the Active Directory (kerberos/negotiate auth)
>>> requirements:
>>>
>>> http://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActiveDirectory
>>>
>>>
>>> Amos
>>> -- Please be using
>>> Current Stable Squid 2.7.STABLE6 or 3.0.STABLE18
>>> Current Beta Squid 3.1.0.13
>>>
>>>
>>>
>>>
>>> Amos,
>>>
>>> Thanks for the reply.
>>>
>>> I read the documentation, and it says, "
>>>
>>> As Samba-3.x has it's own authentication helper there is no need to build
>>> any of the Squid authentication helpers for use with Samba-3.x (and the
>>> helpers provided by Squid won't work if you do). You do however need to
>>> enable support for the NTLM scheme if you plan on using this. Also you may
>>> want to use the wbinfo_group helper for group lookups
>>>
>>> --enable-auth="ntlm,basic"
>>> --enable-external-acl-helpers="wbinfo_group"
>>>
>>> Does this mean that squid has to be compiled with the above options? I
>>> am sorry if this sounds very basic. Also, my requirement, i should be able
>>> to restrict few users samba users from accessing the internet through at
>>> certain times and not necessary authentication. Will the above options
>>> help.
>>>
>>> Thanks,
>>> Avinash
>>>
>> The Squid packages available for Ubuntu already have those helpers built-in
>> and installed along with the package. All you need is the configuration file
>> changes.
>>
>> If you are building your own Squid from raw source code, you may need to add
>> them.
>>
>> For someone who does not know the very basics I would seriously advise
>> staying with the pre-packaged versions of Squid until you know what you are
>> doing.
>> --> apt-get install squid
>>
>> Then change the /etc/squid.conf file as needed.
>>
>>
>> Amos
>> --
>> Please be using
>> Current Stable Squid 2.7.STABLE6 or 3.0.STABLE18
>> Current Beta Squid 3.1.0.13
>>
-- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE18 Current Beta Squid 3.1.0.13Received on Mon Aug 17 2009 - 13:14:09 MDT
This archive was generated by hypermail 2.2.0 : Mon Aug 17 2009 - 12:00:03 MDT