Hi,
See comments below
Chemolli Francesco (USI) wrote:
>>Does anyone know how to get rid of the popup asking for
>>username/password/domain when using NTLM?
>>
>>I've tried to impliment NTLM using 2.5pre3 and it works MOST
>>of the time
>>however every few minutes or so it keeps poping back.
>>
>>I've played with the parameters to extend them way beyond
>>reasonable eg
>>auth_param ntlm children 20
>>auth_param ntlm max_challenge_reuses 500
>>auth_param ntlm max_challenge_lifetime 10 minutes
>>
>>But this seems to make little difference...(do you need to
>>restart squid
>>as opposed to reload for param changes to take effect?)
>>
>>Any hints as to where I should look?
>>
>
> This depends on an inherent unreliability in the SMBSessSetup mechanism
> the NTLMSSP helper uses to authenticate. You either need
Is a timeout issue? Is there anything network wise that can help this?
Currently this box is on a 10Mb 1/2 Duplex switch while the
authentication is 2 switch hops away on a 10/100 Mb full duplex switch.
> the helper-fail-open option, or to try the winbind auth program
The helper fail option... is that the one included at compile time. How
does it work? Presumably if the NTLM helper fails, open access anyway?
> (look at http://devel.squid-cache.org/, tag "ntlm") which requires an
> alpha-level samba to run on the squid host.
Alpha or current? Winbind is included in the current distrib of samba.
I'm not really familiar with CVS but hte pages under
http://devel.squid-cache.org/projects.html#ntlm seem to be a little out
of date
Apologies for more questions than answers :\
Cheers
peter Arnold
>
>
Received on Tue Mar 12 2002 - 03:30:09 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:50 MST