[Samba] Problem with squid+ntlm+samba
Andrew Bartlett
abartlet at samba.org
Mon Oct 7 13:30:56 MDT 2013
On Wed, 2013-10-02 at 10:47 -0300, Silvio Aparecido wrote:
> Hello,
>
> first, sorry by duplicated email, my last have write errors
>
> I'm having a little problem after logging into domain via samba, after a
> few minutes the squid no longer authenticates the users through single
> sign on and keeps asking for authentication in the browser without stopping.
> Error logs:
>
> [2013/10/01 19:39:44, 0]
> utils/ntlm_auth.c:833(manage_squid_ntlmssp_request)
> NTLMSSP BH: NT_STATUS_ACCESS_DENIED
> 2013/10/01 19:39:44| authenticateNTLMHandleReply: Error validating user
> via NTLM. Error returned 'BH NT_STATUS_ACCESS_DENIED'
>
> Login for user [SALE]\[wellington.gomes]@[TI-06] failed due to
> [Access denied]
> 2013/10/01 19:37:35| authenticateNTLMHandleReply: Error validating user
> via NTLM. Error returned 'BH NT_STATUS_ACCESS_DENIED'
> [2013/10/01 19:37:35, 0]
> utils/ntlm_auth.c:833(manage_squid_ntlmssp_request)
> NTLMSSP BH: NT_STATUS_ACCESS_DENIED
>
> [2013/10/01 19:36:52, 10] utils/ntlm_auth.c:2190(manage_squid_request)
> NTLMSSP BH: NT_STATUS_ACCESS_DENIED
>
> [2013/10/01 10:30:12, 3] utils/ntlm_auth.c:329(check_plaintext_auth)
> NT_STATUS_ACCESS_DENIED: Access denied (0xc0000022)
What does wbinfo -P show?
Are you correctly joined to the domain. Can you authenticate using
wbinfo as root, and then as squid?
What do the winbind logs show?
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz
More information about the samba
mailing list