Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. Experienced User Forum
  4. Topic: Winbind SME55 W2K & Dansguardian
« previous next »
Pages: [1]   Go Down

Winbind SME55 W2K & Dansguardian

  • 3 Replies
  • 442 Views

J Roll

Winbind SME55 W2K & Dansguardian
« on: January 25, 2003, 04:16:13 AM »
I have been trying to setup winbind on SME55 server in a W2K domain. My goal is to use PAM with dansguardian, eliminate the logon screen that appears when IE is opened and have the w2k domain users access the internet through the SME55 server.

I have successfully joined the w2k domain, but wbinfo –u gets “error looking up domain users.” wbinfo –t gets “secret is good.” wbinfo  -a username%password gets “challenge/response password authentication succeeded.” But I still get the error with wbinfo –u. I expect to get:

test+administrator
test+student1
test+student2

I know I have to set up the pam.d files, but I think I need to be able to see the W2K domain users first. Am I right that I only have to edit the pam.d\squid file?

I have edited the hosts, nsswitch and smb.conf files. When I get everything to work, I plan to edit the custom templates and leave the originals.

Any help is greatly appreciated. Thanks in advance.
Logged

Craig Foster

Re: Winbind SME55 W2K & Dansguardian
« Reply #1 on: January 25, 2003, 09:55:38 AM »
If you've set your W2K servers to Win2000 mode only, it breaks winbind (NT4.5 equiv).

Had the same problem when AD replication fell over (due to 2/5 raid drive failure during final touches to an installation) and W2K mode was turned on accidently.

Damn shame as the school reeeeally liked what info they could get on each student with DansGuardian / Squid, SARG, enforced computer AND user policy, all coupled with winbind and w2k dhcp server.

Be aware that transparent proxying breaks authentication, thus forced computer policy to set IE only and the proxy settings to the e-smith server.
Logged

J Roll

Re: Winbind SME55 W2K & Dansguardian
« Reply #2 on: January 25, 2003, 07:22:42 PM »
My w2k server is set to mixed mode.

The SME55 server is doing the DHCP.

I have set the proxy access method in dansguardian to "pam_auth, user password required."

The way I have my test network set up now, I have the logs I want. I have 3 problems:

1. The users need to be accessible to SME55. I am trying to accomplish this with winbind.

2. I want to eliminate the second logon screen that appears when a new IE is opened.

3. The IE port on the workstations need to be 8080. I have some ideas on this, but need to address problem 1 first.

Thanks for your post, Craig.
Logged

Nick

Re: Winbind SME55 W2K & Dansguardian
« Reply #3 on: July 21, 2003, 03:40:03 PM »
Where did you get the samba rpm with --with-winbind-challenge-auth compiled in?

I'm going nuts trying to rebuild the official e-smith one.
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. Experienced User Forum
  4. Topic: Winbind SME55 W2K & Dansguardian