Re: [SQU] repeated credential prompts with NTLM

Rob,

I've compiled and made changes to squid.conf. So far, so good. I'll keep
you guys posted.

I've configured Apache to work with the cachemgr.cgi script. I _can not_
believe I had never used this before!

Thanks again!
Craig

----- Original Message -----
From: "Robert Collins" <robert.collins@itdomain.com.au>
To: "Craig Fels" <csfels@swbell.net>; "Squid-Users@Ircache.Net"
<squid-users@ircache.net>
Sent: Wednesday, January 03, 2001 7:51 AM
Subject: Re: [SQU] repeated credential prompts with NTLM

> ok, http://www.ideal.net.au/~collinsdial/squidntlm20010103.tar.bz2 is the
magic location. It's a fully checked out source tree of
> the ntlm branch on squid.sourceforge.net I don't know how stable it is (I
only put the recent structural changes into the ntlm code
> today). It works for me, but YMMV.
>
> Note: the squid.conf format for authentication parameters has changed.
READ squid.conf.default under auth_parm. Your existing config
> file can be easily changed to match
>
> authenticate_program ...
> becomes
> auth_param basic program ...
> authenticate_program_ntlm ...
> becomes
> auth_param ntlm program ...
>
> note that you will want the ntlm parameters before the basic ones (to work
around MSIE's brokeness).
>
> Rob
>
> ----- Original Message -----
> From: "Craig Fels" <csfels@swbell.net>
> To: "Robert Collins" <robert.collins@itdomain.com.au>;
"Squid-Users@Ircache.Net" <squid-users@ircache.net>
> Sent: Wednesday, January 03, 2001 11:18 AM
> Subject: Re: [SQU] repeated credential prompts with NTLM
>
>
> > Rob,
> >
> > Thanks. As far as allowing SSH....I'm working on it. The firewall is a
> > little outside my boundaries, so it _may_ not be possible, but I'll try.
> >
> > Thanks again. I'll be looking for that snapshot at the end of the week.
> >
> > Craig
> > ----- Original Message -----
> > From: Robert Collins <robert.collins@itdomain.com.au>
> > To: Craig Fels <csfels@swbell.net>; Squid-Users@Ircache.Net
> > <squid-users@ircache.net>
> > Sent: Tuesday, January 02, 2001 4:42 PM
> > Subject: Re: [SQU] repeated credential prompts with NTLM
> >
> >
> > > I'll generate a snapshot for you later this week. My .2c worth: allow
SSH
> > through the firewall.
> > >
> > > Rob
> > > ----- Original Message -----
> > > From: "Craig Fels" <csfels@swbell.net>
> > > To: "Robert Collins" <robert.collins@itdomain.com.au>;
> > "Squid-Users@Ircache.Net" <squid-users@ircache.net>
> > > Sent: Wednesday, January 03, 2001 9:16 AM
> > > Subject: Re: [SQU] repeated credential prompts with NTLM
> > >
> > >
> > > > Robert,
> > > >
> > > > I'll take a look at the logs and read the FAQ on using cachemgr. I
hate
> > to
> > > > admit this, but I've never used it.
> > > >
> > > > As far as the CVS tree, I'm the guy with the locked down firewall.
I
> > can't
> > > > connect to the CVS server. Any chance you are still thinking of
setting
> > up
> > > > a nightly snapshot? Pretty Please? ;-)
> > > >
> > > > Thanks again!
> > > > Craig
> > > >
> > > > ----- Original Message -----
> > > > From: "Robert Collins" <robert.collins@itdomain.com.au>
> > > > To: "Craig Fels" <csfels@swbell.net>; "Squid-Users@Ircache.Net"
> > > > <squid-users@ircache.net>
> > > > Sent: Tuesday, January 02, 2001 4:12 PM
> > > > Subject: Re: [SQU] repeated credential prompts with NTLM
> > > >
> > > >
> > > > > Hi Craig,
> > > > > What date did you last download the CVS branch and update? I'm
> > running
> > > > with a windows 2000 DC without any erroneous error
> > > > > prompts. (Don't download the CVS tree and update just yet, We're
> > putting
> > > > the finishing touches on another round of changes :-]).
> > > > >
> > > > > Hold on to the end of this week and then we should have the code
> > stable
> > > > again...
> > > > >
> > > > > In the meantime,
> > > > > debugging logs are the only things that can help up us. Squid will
> > tell
> > > > you why it reported the error. Also you can look and see if
> > > > > you have hung helpers (which often indicate a failed DC
connection)
> > using
> > > > the cachemgr.
> > > > >
> > > > > Rob
> > > > >
> > > > >
> > > > > ----- Original Message -----
> > > > > From: "Craig Fels" <csfels@swbell.net>
> > > > > To: "Squid-Users@Ircache.Net" <squid-users@ircache.net>
> > > > > Sent: Wednesday, January 03, 2001 8:28 AM
> > > > > Subject: [SQU] repeated credential prompts with NTLM
> > > > >
> > > > >
> > > > > > Today I was browsing various websites and became irritated with
> > repeated
> > > > > > prompts by IE5.01 for my username, password, and domain.
> > > > > >
> > > > > > As some of you may remember, I'm running Squid 2.4.Devel-4-NTLM
and
> > its
> > > > > > running on a Linux Mandrake 7.0 box. The machine is a Pentium
> > 3-550Mhz
> > > > with
> > > > > > 256MB RAM.
> > > > > >
> > > > > > Right now, since the box is in testing mode with the NTLM code,
only
> > 3
> > > > or so
> > > > > > people are using it. So by no means is the box getting
overworked.
> > > > > >
> > > > > > I am going to have a hard time getting management to buy-into
using
> > this
> > > > > > proxy site-wide if the NTLM code keeps acting up.
> > > > > >
> > > > > > Here's a summary of the issue:
> > > > > >
> > > > > > Start IE 5.01.
> > > > > > Browse for a few minutes without problem.
> > > > > > Then, logon prompt appears (typical username/password/domain).
If I
> > > > enter
> > > > > > my credentials, sometimes that's enough, and it keeps going.
Other
> > > > times,
> > > > > > it prompts me 3 times in a row, then I get my "Denied" custom
ERR
> > page
> > > > that
> > > > > > I created.
> > > > > > I click "BACK" on the browser, then click the same link I was
trying
> > to
> > > > go
> > > > > > to before, and all is well.
> > > > > >
> > > > > > Squid.conf entries for the ntlm helper are the defaults. BTW, I
am
> > > > using
> > > > > > ntlm_auth for the helper.
> > > > > >
> > > > > > Anyone (read Robert/Kinkie) ;-) have any ideas?
> > > > > >
> > > > > > Thanks,
> > > > > > Craig
> > > > > >
> > > > > > --
> > > > > > To unsubscribe, see
http://www.squid-cache.org/mailing-lists.html
> > > > > >
> > > > > >
> > > > >
> > > >
> > > > --
> > > > To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
> > > >
> > > >
> > >
> > > --
> > > To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
> > >
> >
> >
>
> --
> To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
>

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html