08-08-07 06:15 PM
I am working on Fedora core 5 2.6.15-1.2054_FC5 and gcc
version 4.1.0 .
For starting to install squid i started with 3 phases :-
1) Install Windows 2k3 server and make it a domain controller with AD
account with domain joining permissions .
2) Install Samba binary with sources .
3) Install Squid .
For samba , i chose to samba version 3.0.25b and squid version
2.6.STABLE14 version .
In the 1st phase , i went about setting up a win2k3 server and made it
a domain controller and created an AD user and password . I also
switched off 2 policies in win2k3 server , 1) smb signing 2) secure
channel policy . Both were not suited for my needs .
In the 2nd phase , i chose to install the samba sources . I went
through a couple of posts regarding squid + ntlm setup procedure .
Both the posts had made it compulsory to rebuilt the samba sources and
samba sources are required for squid installation .
I downloaded the samba package and copied to /opt
directory . I Compiled Samba with following options.
./configure --with-winbind --with-winbind-auth-challenge --with-
configdir=/etc/samba
make
make install
I also made a samba start-up script below -
****************************************
****************
#!/sbin/sh
#
# Copyright (c) 2001 by Sun Microsystems, Inc
# All rights reserved.
#
#ident "@(#)samba 1.1 01/09/24 SMI"
case "$1" in
start)
[ -f /etc/sfw/smb.conf ] || exit 0
/usr/sfw/sbin/smbd -D
/usr/sfw/sbin/nmbd -D
/usr/local/samba/sbin/winbindd -D
;;
stop)
pkill smbd
pkill nmbd
pkill winbindd
;;
*)
echo "Usage: $0 { start | stop }"
exit 1
;;
esac
exit 0
Then i ran the following commands :-
ln -s /etc/init.d/samba /etc/rc2.d/S99sambastart
ln -s /usr/lib/libnss_winbind.so /usr/lib/libnss_winbind.so.1
ln -s /usr/lib/libnss_winbind.so /usr/lib/nss_winbind.so.1
ln -s /usr/lib/libnss_winbind.so /usr/lib/nss_winbind.so.2
my /etc/samba/smb.conf file is
****************************************
***********************
[global]
workgroup = supplicant
netbios name = server
server string = SambaServer
#hosts allow = 10.0.0.0/8 127.0.0.1
#guest account = pcguest
log file = /log/samba/log/log.%m
max log size = 50
log level = 3 passdb:5 auth:10 winbind:10
max log size = 1500
security = domain
idmap uid = 15000-20000
idmap gid = 15000-20000
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = no
os level = 20
domain master = no
password server = 10.116.21.150
encrypt passwords = no
winbind use default domain = Yes
winbind uid = 10000-65000
winbind gid = 10000-65000
[homes]
comment = Home Directories
browseable = no
writable = yes
[printers]
****************************************
*******************************
Then i added my system to domain supplicant using the following
command
net rpc join -S wipro-f2poxi2vk -USUPPLICANT/dennis
It asked :-
Enter password : <password>
Joined domain SUPPLICANT
Then to confirm the installation of samba with AD integration -
wbinfo -a SUPPLICANT\\dennis%'ntlm@123' , and output was
plaintext password authentication succeeded
challenge/response password authentication succeeded
then ,
#wbinfo -p , output was
Ping to winbindd succeeded on fd 4
#wbinfo -t , output was
checking the trust secret via RPC calls succeded
when actually the output should have been "Secret good "
But , when i did
#wbinfo -g , output was
Error for looking up groups .
I also tried ,
#wbinfo -u , output was
Error for looking up users .
Also in the win2k3 server on the AD user's and computers
page , my computer name is present confirming that i have finally
added myself to the domain . But it is not able to lookup for groups .
I do not know Why ?
With this problem i decided to contine with the proceeding with the
3rd phase , installation of squid .
I downloaded squid and moved to /opt directory .
For compilation
#./configure --prefix=/usr --enable-async-io --exec_prefix=/usr --
bindir=/usr/sbin --libexecdir=/usr/lib/squid --localstatedir=/var --
sysconfdir=/etc/squid --infodir=/usr/share/info --mandir=/usr/share/
man --enable-gnuregex --with-pthreads --enable-
storeio="aufs,diskd,ufs,null" -enable-poll --enable-delay-pools --
enable-carp --enable-snmp --enable-icmp --enable-basic-auth-
helpers="LDAP,NCSA,PAM" --disable-ident-lookups --disable-wccp --
enable-external-acl-helpers="ldap_group,unix_group,wbinfo_group" --
enable-auth="ntlm,basic" --enable-basic-auth-helpers="winbind" --
enable-ntlm-auth-helpers="winbind,SMB" --with-winbind-auth-challenge
--
with-samba-sources="/opt/samba-3.0.10/source"
while configure , it errors out
*************
checking for gcc... gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ANSI C... none needed
checking for style of include used by make... GNU
checking dependency style of gcc... gcc3
checking whether gcc and cc understand -c and -o together... yes
checking build system type... i686-pc-linux-gnu
checking host system type... i686-pc-linux-gnu
checking for pkg-config... /usr/bin/pkg-config
With pthreads
Store modules built: aufs diskd ufs null
Removal policies built: lru
ICMP enabled
Delay pools enabled
Web Cache Coordination V1 Protocol disabled
SNMP monitoring enabled
Forcing poll() to be enabled
Disabling Ident Lookups
Auth scheme modules built: ntlm basic
ERROR: Basic auth helper winbind does not exists
*************
My winbind is perfectly running as a daemon . My winbind version
is 3.0.21b-2 .
I do not know where i have gone wrong in both the errors while
squid installation . to summarize the error is have ,
1) wbinfo -g - Error looking up groups
2) ./configure <with mentioned options> erroring out because
ERROR: Basic auth helper winbind does not exists
Could any one please help me ! I read many docs regarding Squid
+NTLM setup and FAQ's and help blogs !
[ Post a follow-up to this message ]
| 
