
squid cannot authenticate via LDAP

Posted on 2009-3-1 20:30:55
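A question for everyone:
squid uses LDAP users for authentication, but it always fails; samba, however, can use the LDAP users.
Could someone tell me which part of the squid configuration is wrong?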

squid's access.log
1235906707.981    171 192.168.0.2 TCP_DENIED/407 1679 GET http://www.sina.cm/ user2 NONE/- text/html
1235906714.741    949 192.168.0.2 TCP_DENIED/407 1679 GET http://www.sina.cm/ user2 NONE/- text/html

ldap log
Mar  1 20:17:20 samba squid[3150]: Squid Parent: child process 3152 exited due to signal 6
Mar  1 20:17:23 samba squid[3150]: Squid Parent: child process 3162 started
Mar  1 20:17:38 samba squid[3150]: Squid Parent: child process 3162 exited due to signal 6
Mar  1 20:17:41 samba squid[3150]: Squid Parent: child process 3170 started

squid.conf file
http_port 192.168.0.6:8080
cache_mem 256 MB
cache_dir ufs /tmp/cache 500 16 256
cache_swap_low 90
cache_swap_high 95
cache_effective_user squid
cache_effective_group squid
cache_access_log /var/log/squid/access.log
cache_store_log /var/log/squid/store.log
cache_log /var/log/squid/cache.log
dns_nameservers 202.96.209.6
visible_hostname 192.168.0.6
cache_mgr [email protected]

auth_param basic program /usr/lib/squid/squid_ldap_auth -b "ou=Users,dc=test,dc=com" -v 3
acl authuser proxy_auth REQUIRED
acl all src 0.0.0.0/0.0.0.0
http_access allow authuser
http_access deny all


ldap data file
dn: ou=Computers,dc=test,dc=com
objectClass: top
objectClass: organizationalUnit
ou: Computers

dn: cn=Account Operators,ou=Groups,dc=test,dc=com
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 548
cn: Account Operators
description: Netbios Domain Users to manipulate users accounts
sambaSID: S-1-5-32-548
sambaGroupType: 5
displayName: Account Operators

dn: cn=Administrators,ou=Groups,dc=test,dc=com
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 544
cn: Administrators
description: Netbios Domain Members can fully administer the computer/sambaDomainName
sambaSID: S-1-5-32-544
sambaGroupType: 5
displayName: Administrators

dn: cn=Backup Operators,ou=Groups,dc=test,dc=com
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 551
cn: Backup Operators
description: Netbios Domain Members can bypass file security to back up files
sambaSID: S-1-5-32-551
sambaGroupType: 5
displayName: Backup Operators

dn: cn=Domain Admins,ou=Groups,dc=test,dc=com
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 512
cn: Domain Admins
memberUid: root
description: Netbios Domain Administrators
sambaSID: S-1-5-21-304967932-3101878458-3511987363-512
sambaGroupType: 2
displayName: Domain Admins

dn: cn=Domain Computers,ou=Groups,dc=test,dc=com
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 515
cn: Domain Computers
description: Netbios Domain Computers accounts
sambaSID: S-1-5-21-304967932-3101878458-3511987363-515
sambaGroupType: 2
displayName: Domain Computers

dn: cn=Domain Guests,ou=Groups,dc=test,dc=com
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 514
cn: Domain Guests
description: Netbios Domain Guests Users
sambaSID: S-1-5-21-304967932-3101878458-3511987363-514
sambaGroupType: 2
displayName: Domain Guests

dn: cn=Domain Users,ou=Groups,dc=test,dc=com
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 513
cn: Domain Users
description: Netbios Domain Users
sambaSID: S-1-5-21-304967932-3101878458-3511987363-513
sambaGroupType: 2
displayName: Domain Users

dn: cn=Print Operators,ou=Groups,dc=test,dc=com
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 550
cn: Print Operators
description: Netbios Domain Print Operators
sambaSID: S-1-5-32-550
sambaGroupType: 5
displayName: Print Operators

dn: cn=Replicators,ou=Groups,dc=test,dc=com
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 552
cn: Replicators
description: Netbios Domain Supports file replication in a sambaDomainName
sambaSID: S-1-5-32-552
sambaGroupType: 5
displayName: Replicators

dn: ou=Groups,dc=test,dc=com
objectClass: top
objectClass: organizationalUnit
ou: Groups

dn: ou=Idmap,dc=test,dc=com
objectClass: top
objectClass: organizationalUnit
ou: Idmap

dn: uid=nobody,ou=Users,dc=test,dc=com
cn: nobody
sn: nobody
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: sambaSamAccount
objectClass: posixAccount
objectClass: shadowAccount
gidNumber: 514
uid: nobody
uidNumber: 999
homeDirectory: /dev/null
sambaPwdLastSet: 0
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaPwdMustChange: 2147483647
sambaHomePath: \\%L\nobody\.profile
sambaHomeDrive: H:
sambaProfilePath: \\%L\profiles\nobody
sambaPrimaryGroupSID: S-1-5-21-304967932-3101878458-3511987363-514
sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
sambaNTPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
sambaAcctFlags: [NUD        ]
sambaSID: S-1-5-21-304967932-3101878458-3511987363-2998
loginShell: /bin/false

dn: uid=root,ou=Users,dc=test,dc=com
cn: root
sn: root
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: sambaSamAccount
objectClass: posixAccount
objectClass: shadowAccount
gidNumber: 0
uid: root
uidNumber: 0
homeDirectory: /home/root
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaHomePath: \\%L\root\.profile
sambaHomeDrive: H:
sambaProfilePath: \\%L\profiles\root
sambaPrimaryGroupSID: S-1-5-21-304967932-3101878458-3511987363-512
sambaSID: S-1-5-21-304967932-3101878458-3511987363-500
loginShell: /bin/false
gecos: Netbios Domain Administrator
sambaLMPassword: 552902031BEDE9EFAAD3B435B51404EE
sambaAcctFlags:
sambaNTPassword: 878D8014606CDA29677A44EFA1353FC7
sambaPwdLastSet: 1235531824
sambaPwdMustChange: 1239419824
userPassword: {SSHA}d2KvKsyKKrl2PhcWk8hJtliHdhBNNWlH
shadowLastChange: 14300
shadowMax: 45

dn: uid=user1,ou=Users,dc=test,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSamAccount
cn: user1
sn: user1
givenName: user1
uid: user1
uidNumber: 1001
gidNumber: 513
homeDirectory: /home/user1
loginShell: /bin/bash
gecos: System User
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
displayName: user1
sambaSID: S-1-5-21-304967932-3101878458-3511987363-3002
sambaPrimaryGroupSID: S-1-5-21-304967932-3101878458-3511987363-513
sambaLogonScript: logon.bat
sambaProfilePath: \\%L\profiles\user1
sambaHomePath: \\%L\user1\.profile
sambaHomeDrive: H:
sambaLMPassword: FC26CDB2863917C1AAD3B435B51404EE
sambaAcctFlags:
sambaNTPassword: 00B2C85DDFBD8CC81602D6FC7340EB0B
sambaPwdLastSet: 1235906981
sambaPwdMustChange: 1239794981
userPassword: {SSHA}W3UBHQTHgGkSq8LJTkoTvTnNZ6V5UDI4
shadowLastChange: 14304
shadowMax: 45

dn: uid=user2,ou=Users,dc=test,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
cn: user2
sn: user2
givenName: user2
uid: user2
uidNumber: 1004
gidNumber: 513
homeDirectory: /home/user2
loginShell: /bin/bash
gecos: System User
userPassword: {SSHA}4lfsB3XOzRlxugiLjAEUJJ2ZJ1QxOW5E
shadowLastChange: 14304
shadowMax: 45

dn: ou=Users,dc=test,dc=com
objectClass: top
objectClass: organizationalUnit
ou: Users

dn: sambaDomainName=test,dc=test,dc=com
objectClass: top
objectClass: sambaDomain
objectClass: sambaUnixIdPool
sambaDomainName: test
sambaSID: S-1-5-21-304967932-3101878458-3511987363
gidNumber: 1000
sambaNextRid: 1000
uidNumber: 1005

dn: dc=test,dc=com
objectClass: dcObject
objectClass: organization
o: test
dc: test