[squid-users] Squid and Active Directory

Brian E. Conklin bconklin at masongeneral.com
Mon Nov 7 15:09:08 GMT 2005

You must make sure you set the proper permissions on the winbind pipe.

In my distro:
 root# chown root:squid /var/cache/samba/winbindd_privileged
 root# chmod 750 /var/cache/samba/winbindd_privileged

Brian E. Conklin, MCP+I, MCSE
Director of Information Services
Mason General Hospital

> -----Original Message-----
> From: Abbas Salehi [mailto:abbas at isiran.ir] 
> Sent: Friday, November 04, 2005 9:25 PM
> To: squid-users at squid-cache.org
> Subject: [squid-users] Squid and Active Directory
> Dear sir
> I did all of your recommanded from  document step by step
> I  succeeded to joined to the domain and active directory , i 
> can see the
> domain users and
> groups
> kinit command works properly,
> net ads testjoin
> Join is OK
> net ads join administrator
> Joined 'squid-server' to realm 'TEST.COM'
> But ntlm_auth does not work properly,
> I have following error when i run it :
> ntlm_auth --username=administrator
> password: ******
> (0xc00000da)
> when i run the squid and set the the machine as proxy,the 
> squid authenticate
> but does not accept the user
> When i browes some web pages, bring the dialog box, contain user and
> password and domian,
> but does not accept,
> We have following error in my logs
> Winbind :
> [2005/10/30 14:02:11, 0] nsswitch/winbindd_util.c:get_trust_pw(1033)
>   get_trust_pw: could not fetch trust account password for my domain
> Can anybody help me,
> How can i  solve this problem,
> Regards
> Abbas Salehi

Mason General Hospital 
901 Mt. View Drive 
PO Box 1668 
Shelton, WA 98584 
(360) 426-1611 
This message is intended for the sole use of the individual and entity 
to whom it is addressed and may contain information that is privileged, 
confidential and exempt from disclosure under applicable law. If you 
are not the addressee nor authorized to receive for the addressee, you 
are hereby notified that you may not use, copy, disclose or distribute 
to anyone this message or any information contained in the message. If 
you have received this message in error, please immediately notify the 
sender and delete the message. 
Replying to this message constitutes consent to electronic monitoring
of this message. 
Thank you. 

More information about the freebsd-questions mailing list