+ Responder ao Tópico



  1. #1

    Padrão Squid mensagem de erro

    Olá Galera

    Estou fazendo o Squid autentificar numa base AD, estou com problema na inicialização do squid, está dando essa mensagem
    ./squid -s -d
    2007/10/17 14:54:18| Starting Squid Cache version 2.5.STABLE14 for i686-pc-linux-gnu...
    2007/10/17 14:54:19| WARNING: ntlmauthenticator #1 (FD 8) exited
    2007/10/17 14:54:19| WARNING: ntlmauthenticator #2 (FD 9) exited
    2007/10/17 14:54:19| WARNING: ntlmauthenticator #3 (FD 10) exited
    2007/10/17 14:54:19| WARNING: ntlmauthenticator #4 (FD 11) exited
    2007/10/17 14:54:19| WARNING: ntlmauthenticator #5 (FD 12) exited
    2007/10/17 14:54:19| Too few ntlmauthenticator processes are running

    Meu samba está enxergando todo base de usuarios através de wbind e como getent consegue retorno de todos usuarios do A.D e serviços do Samba sobem sem nenhum problema.

    Alguém tem alguma ideia ?

    Coloquei minha configuração do squid logo abaixo

    #/mnt/elo/Programas/binario/Squid/libexec/./ntlm_auth
    auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
    auth_param ntlm use_ntlm_negotiate off
    auth_param ntlm children 10
    auth_param ntlm max_challenge_reuses 0
    auth_param ntlm max_challenge_lifetime 5 minutes

    auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
    auth_param basic children 5
    auth_param basic realm PROXY DOMINIO
    auth_param basic credentialsttl 2 hours
    #auth_param basic casesensitive off
    #authenticate_cache_garbage_interval 10 seconds

    Obrigado
    Bruno Steven

  2. #2

    Padrão

    tente executar o ntlm_auth manualmente e veja o erro q ele esta dando..

    esta mensagem ai que o squid da.. eh que os processos estao 'morrendo' e voltando..



  3. #3

    Padrão

    Olá

    Cara executei ntlm_auth com parametro para debug (só para teste) e funcionou !!

    ntlm_auth -d DOMAIN/servidor
    ntlm-auth[3339](ntlm_auth.c:187): Adding domain-controller Domain/Servidor
    ntlm-auth[3339](ntlm_auth.c:460): options processed OK

    Também tentei executar a linha do ntlm no squid.conf
    /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp

    /usr/bin/ntlm_auth: invalid option -- -
    unknown option: -?. Exiting
    /usr/bin/ntlm_auth usage:
    /usr/bin/ntlm_auth [-b] [-f] [-d] [-l] domain\controller [domain\controller ...]
    -b enables load-balancing among controllers
    -f enables failover among controllers (DEPRECATED and always active)
    -l changes behavior on domain controller failyures to last-ditch.
    -d enables debugging statements if DEBUG was defined at build-time.

    You MUST specify at least one Domain Controller.
    You can use either \ or / as separator between the domain name
    and the controller name
    /usr/bin/ntlm_auth: invalid option -- h
    unknown option: -?. Exiting
    /usr/bin/ntlm_auth usage:
    /usr/bin/ntlm_auth [-b] [-f] [-d] [-l] domain\controller [domain\controller ...]
    -b enables load-balancing among controllers
    -f enables failover among controllers (DEPRECATED and always active)
    -l changes behavior on domain controller failyures to last-ditch.
    -d enables debugging statements if DEBUG was defined at build-time.


    Será que devo especificar o controlador de dominio ? se for qual parametro que uso ?
    Esse parametro /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp , sera que ta certo ?

    Voce tem alguma ideia ?

  4. #4

    Padrão

    Ola
    Entrei com esse comando --> ntlm_auth DOMINIO/PDC --helper-protocol=squid-2.5-basic
    e erro continua, quando entro com comando sem especificar o helper comando -->
    ntlm_auth -d DOMAIN/servido funciona.

    Entrei no arquivo cache.log e achei essa saida, você tem ideia do que é isso ?

    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)


    Obrigado ai pela força .



  5. #5

    Padrão

    tenta assim


    ntlm_auth DOMAIN/servidor

    o -d eh pra debug !!

  6. #6

    Padrão

    Olá

    Cara fiz alteração a mensagem do problema mudou mas apareceu outra, você tem ideia porque isso acontece ?

    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)
    fgets() failed! dying..... errno=0 (Success)



  7. #7

    Padrão

    Ola pessoal

    Desculpa pela demora em responder o post mas as coisas aqui estao super complicadas, consegui fazer o squid autentificar no A.D, o problema todo estava no arquivo
    external_acl_type NT_global_group children=10 %LOGIN /opt/Programas_tmp/squid25/libexec/wbinfo_group.pl

    quando iniciava o squid dava aquela bando erro, entrei no arquivo "cache.log" e la estava falando que o caminho do arquivo estava errado, ajustei e deu certo !!

    Parametro para autentificar.
    auth_param basic program /usr/bin/ntlm_auth -d dominio/maquina

    Obrigado