RE: [squid-users] Transparent authentication problem

Squid.conf
auth_param ntlm program /usr/local/squid/libexec/wb_ntlmauth
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

auth_param basic program /usr/local/squid/libexec/wb_auth
auth_param basic children 5
auth_param basic realm Acceso Internet
auth_param basic credentialsttl 2 hours

Access.log
1 127.0.0.1 TCP_DENIED/407 2853 GET http://www.cabal.com.ar/ - NONE/-
text/html
0 127.0.0.1 TCP_DENIED/407 2792 GET http://www.cabal.com.ar/ - NONE/-
text/html
3 127.0.0.1 TCP_DENIED/407 2853 GET http://www.cabal.com.ar/ - NONE/-
text/html
0 127.0.0.1 TCP_DENIED/407 2792 GET http://www.cabal.com.ar/ - NONE/-
text/html

-----Mensaje original-----
De: Adam Aube [mailto:aaube@firstindependent.net]
Enviado el: Martes, 05 de Agosto de 2003 11:53
Para: squid-users@squid-cache.org
Asunto: RE: [squid-users] Transparent authentication problem

> All Wbinfo commands function OK and wb_auth -d work OK too...
> My pdc and bdc´s are NT4.0 and the station is logged to the lan.
> If i use basic NTLM authentication (with pop up) works fine!!! but
> transparent autehntication doesn´t work

So basic auth using the Winbind helpers works. wbinfo -a shows
both plaintext and challenge-response success. The workstation is
logged into the domain, which is NT4.

But NTLM auth using the winbind helper does not work.

When you setup NTLM auth in your squid.conf, what auth_param lines
do you use? What does the cache.log show when you reconfigure Squid
and try to log in?

You can have basic and NTLM auth setup at the same time - just make
sure the NTLM auth_param lines are first in your squid.conf.

Adam

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.237 / Virus Database: 115 - Release Date: 3/7/2001