Only to let you know, I tested it here using:
> authenticate_cache_garbage_interval 8 hours
> authenticate_ttl 8 hours
and didn't work... pop up password still appear sometimes.
Uh... let me pass more information about may network, maybe could help:
- My linux running Squid is a firewall. The workstations are on the LAN,
and my W2kServer is on DMZ.
The workstations are configured with LMHOSTS to solve the problem of
netbios broadcast traffic. But the address configured on LMHOSTS is an
address of the LAN, and my Linux is making REDIRECT (by iptables).
Anyway,the authentication occurs, like you know, the users can use
internet by proxy normal, but sometimes: that it is -> POP UP PASSWORD.
:-((((
Do you think this structure can increase my frequence of popup's?
Igor.
Em Ter, 2003-04-08 ŕs 10:52, Mrvka Andreas escreveu:
>
> i cannot test it, because this problem appears too rarely. :o)
> i just know that on a pc which is closer to the PDC than
> one another pc it pops up less often.
>
> greetings,
> Andreas
>
> -----Ursprüngliche Nachricht-----
> Von: Igor Luiz Oliveira de Souza [mailto:igorluiz@magiclink.com.br]
> Gesendet: Dienstag, 08. April 2003 14:25
> An: Mrvka Andreas
> Cc: Henrik Nordstrom; Squid-Users
> Betreff: Re: AW: AW: [squid-users] SQUID NTLM pop up password
>
>
> So guys, what kind of implication could be if we change the parameter:
> > authenticate_ttl 2 minutes
> to
> > authenticate_ttl 8 hours
> for example ????
> Any of you see any problem!? Could this help!?
>
> Regards,
> Igor Souza
>
>
> Em Ter, 2003-04-08 ŕs 08:48, Mrvka Andreas escreveu:
> > i use ntlm_auth too.
> >
> > and sometimes authentication window pops up.
> >
> > auth_param ntlm program /usr/local/squid2/libexec/ntlm_auth PDC BDC
> > auth_param ntlm children 15
> > auth_param ntlm max_challenge_reuses 8
> > auth_param ntlm max_challenge_lifetime 2 minutes
> >
> > authenticate_ttl 2 minutes
> > authenticate_ip_ttl 10 seconds
> >
> > refresh_pattern ^ftp: 1440 20% 10080
> > refresh_pattern ^gopher: 1440 0% 1440
> > refresh_pattern . 0 0% 0
> >
> > connect_timeout 240 seconds
> > client_lifetime 10800 seconds
> >
> >
> >
> > -----Ursprüngliche Nachricht-----
> > Von: hno@marasystems.com [mailto:hno@marasystems.com]Im Auftrag von
> > Henrik Nordstrom
> > Gesendet: Montag, 07. April 2003 23:30
> > An: Mrvka Andreas
> > Cc: Igor Luiz Oliveira de Souza; Squid-Users
> > Betreff: Re: AW: [squid-users] SQUID NTLM pop up password
> >
> >
> > Which ntlm helper are you using?
> >
> > SMB (ntlm_auth) or winbind (wbntml_auth)?
> >
> > Regards
> > Henrik
> >
> >
> >
> > Mrvka Andreas wrote:
> > >
> > > hi!
> > >
> > > i have the same problem, and here i've been told that the
> > > client makes some ntlm handshake with the nt domain
> > > and sometimes during this transaction the browser looses
> > > sometimes a session paket. or talking between these 2 pcs was too slow
> > > or something like that.
> > >
> > > in my company i say, this is a security feature :o)
> > >
> > > king regards,
> > > Andreas
> > >
> > > -----Ursprüngliche Nachricht-----
> > > Von: Igor Luiz Oliveira de Souza [mailto:igorluiz@magiclink.com.br]
> > > Gesendet: Montag, 07. April 2003 18:51
> > > An: squid-users@squid-cache.org
> > > Betreff: [squid-users] SQUID NTLM pop up password
> > >
> > > Hello all,
> > >
> > > I just installed Squid 2.5stable2 using NTLM Auth. (Linux Slackware 8.1,
> > > kernel 2.4.18, Samba 2.2.8)
> > > The authentication is working fine, I'm making control of users group
> > > that can login, etc...
> > > But one problem is making me crazy:
> > > Sometimes, without reason, a permited user gets a pop up on screen
> > > asking the password... but if him only push ESC, without pass any login
> > > or password, continue browsing perfectly... and after sometime the pop
> > > up back again...
> > > Do you know what can causing that? Any kind of parameter, password
> > > expiration,configuration mistake, bug ... ????
> > > .
> > > Thanks.
> > > --
> > > Igor Luiz Oliveira de Souza
> > > Magiclink Solucoes Internet
> > > Analista de TI
> > > Salvador / BA - Brasil
> --
> Igor Luiz Oliveira de Souza
> Magiclink Solucoes Internet
> Analista de TI
> Salvador / BA - Brasil
>
>
-- Igor Luiz Oliveira de Souza Magiclink Solucoes Internet Analista de TI Salvador / BA - BrasilReceived on Tue Apr 08 2003 - 09:12:17 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:52 MST