≡ Menu

pam

Linux Display Date And Time Of Login

How do I display user last login date and time under Linux operating systems?
[click to continue…]

Sysadmin because even developers need heroes!!!

SSH System Bootup In Progress Please Wait Error and Solution

Q. I’ve Debian Linux server and whenever someone trying to ssh into this box, they get an error as follows and server closes the connection:

System bootup in progress -please wait

How do I fix this problem and allow ssh login?
[click to continue…]

Linux Restrict Execution of /usr/sbin/userhelper to Console Users

I‘m CentOS Linux version 5.x user and I’d like to restrict execution of /usr/sbin/userhelper to console users only in xusers group?
[click to continue…]

Squid NTLM authentication configuration using ntlm_auth

Q. How do I configure squid for NTLM authentication?

A. You need to use squid ntlm_auth helper tool. It o allow external access to Winbind’s NTLM authentication function. ntlm_auth uses winbind to access the user and authentication data for a domain.

Make sure winbindd is working

winbindd is a daemon that provides a number of services to the Name Service Switch capability found in most modern C libraries, to arbitary applications via PAM and ntlm_auth and to Samba itself. If you are not sure about winbindd, refer to official Samba documentation for configuration.

Configure squid for NTLM authentication

Open squid configuration file – squid.conf, enter:
# vi squid.conf
Append following configuration directive:
auth_param ntlm program /usr/lib/squid/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param basic program /usr/lib/squid/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

To setup ntlm_auth for use by squid 2.5 with group limitation, add:
auth_param ntlm program /usr/lib/squid/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of="WORKGROUP\Domain Users"
auth_param basic program /usr/lib/squid/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of="WORKGROUP\Domain Users"
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

OR You can also pass DOMAIN/PDC name:
auth_param ntlm program /usr/lib/squid/ntlm_auth DOMAINNAME/PDC
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

Now add ACL configuration for ntlm_auth helper
acl ntlm_users proxy_auth REQUIRED
http_access allow ntlm_users
http_access deny all

Save and close the file. Restart Squid:
# /etc/init.d/squid restart
For more information:

Updated for accuracy.

How do I Telnet as the Root User?

Q. How do I telnet as the root user?
[click to continue…]