[Samba] Samba-Squid-AD: Error returned 'BH NT_STATUS_ACCESS_DENIED'
fatima riadi
ftmriadi at yahoo.fr
Thu Apr 7 09:47:20 GMT 2005
Hi everybody,
I setup squid-2.5.STABLE9 with samba-3.0.13 to use
winbind authentication over a Windows 2003 Active
Directory.
Web users' authentication from my proxy server box
succeedes.
But when a remote user try to authenticate himself,
authentication failes and Squid return the
following:
authenticateNTLMHandleReply: Error validating user
via NTLM. Error returned 'BH
NT_STATUS_ACCESS_DENIED'
I configured samba with (--with-ads --with-ldap
--with-winbind --with-winbind-auth-challenge).
And I configure squid with
(--enable-auth="ntlm,basic"
--enable-basic-auth-helpers="winbind"
--enable-ntlm-auth-helpers="winbind").
I edited my smb.conf and my krb5.conf files to much
my AD domain settings.
I joined the domain.
My squid.conf file containes the following:
auth_param ntlm program
/usr/local/samba/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param basic program
/usr/local/samba/bin/ntlm_auth
--helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Squid proxy-caching web
server
auth_param basic credentialsttl 2 hours
acl authUsers proxy_auth REQUIRED
http_access allow authUsers
http_access deny all
Someone told that this is basicly a samba error.
Does anyone have an idea?
Thanks in advance.
__________________________________________________________________
Découvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour vos mails !
Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com/
More information about the samba
mailing list