Hi,<br><br>Issue: permissions on /var/run/samba/winbindd_privileged/ and /usr/bin/ntlm_auth for Squid<br><br>I've faced this issue on my Debian 4.0 with winbind 3.0.24 and Squid 2.6.12 from testing.<br><br>I've solved in this way:
<br><br>- added the proxy user to the winbindd_privileged group<br>- in /etc/squid/squid.conf<br> set "cache_effective_user proxy" but NOT "cache_effective_group proxy" since from the documentation of Squid:
<br><br># TAG: cache_effective_group<br># If you want Squid to run with a specific GID regardless of<br># the group memberships of the effective user then set this<br># to the group (or GID) you want Squid to run as. When set
<br># all other group privileges of the effective user is ignored<br># and only this GID is effective. If Squid is not started as<br># root the user starting Squid must be member of the specified<br># group.
<br># cache_effective_group proxy<br><br>So if you set this option the Squid process will lose supplementary group and will not have access to winbindd_privileged.<br><br>HTH.<br>Cheers,<br>Luca<br><br>