NT 4 doesn't support Kerberos so I don't see why samba should need to be
compiled with Kerberos support. Doesn't windows 2003 server support normal
NTLM auth? There must be some way of telling it to use it.
Thank you
-----Original Message-----
From: Dave Augustus [mailto:davea@support.kcm.org]
Sent: 09 September 2004 18:40
To: Charlie Grosvenor
Cc: squid-users@squid-cache.org
Subject: RE: [squid-users] Windows 2003 Strangeness
Did you compile Samba with kerberos 1.3? I am just guessing here but the
problem appears to be between your W2K3 servers and Squid.
This is a Samba configuration problem- whatever it is- you could try posting
there as well.
-- Dave On Thu, 2004-09-09 at 12:03, Charlie Grosvenor wrote: > Thank you for the response, the windows 2003 server is a member server > of an NT 4 domain, no active directory. I have this problem on two all > the windows > 2003 member servers. > > Squid.conf: > > auth_param ntlm program /usr/bin/ntlm_auth domain/domaincontroller > auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 5000 > auth_param ntlm max_challenge_lifetime 5 minutes > > I am using the NTLM_AUTH binary that comes with samba v3. > > Thank you > > -----Original Message----- > From: Dave Augustus [mailto:davea@support.kcm.org] > Sent: 09 September 2004 17:56 > To: Charlie Grosvenor > Cc: squid-users@squid-cache.org > Subject: Re: [squid-users] Windows 2003 Strangeness > > How are authenticating? It sounds like you are using mixed-mode > authentication: that is, the the old-style Domain Controller and the > new Active Directory. > > My guess is that: > Your Squid box is using DC for authentication and the W2K3 server is > using AD. Do you have the same problem on another W2K3 server ? > > With Samba v3, you use the NTLM_AUTH binary that it installs instead > of the one that comes with Squid. > > Let me know, > -- > Dave > > On Thu, 2004-09-09 at 10:49, Charlie Grosvenor wrote: > > I am using squid 2.5.6, with NTLM authentication. This works fine > > with > > IE6 on windows NT, 2000, XP clients, but with windows 2003 server, I > > get "Page cannot be displayed" when I set IE6 to use the proxy and > > in the squid access.log I get: > > > > 1094744912.490 0 192.168.1.97 TCP_DENIED/407 1866 GET > > http://www.microsoft.com/ - NONE/- text/html > > 1094744912.664 0 192.168.1.97 TCP_DENIED/407 1792 GET > > http://www.microsoft.com/ - NONE/- text/html > > 1094744912.667 0 192.168.1.97 TCP_DENIED/407 1866 GET > > http://www.microsoft.com/ - NONE/- text/html > > 1094744912.824 0 192.168.1.97 TCP_DENIED/407 1792 GET > > http://www.microsoft.com/ - NONE/- text/html > > 1094744912.827 0 192.168.1.97 TCP_DENIED/407 1866 GET > > http://www.microsoft.com/ - NONE/- text/html > > 1094744912.976 0 192.168.1.97 TCP_DENIED/407 1792 GET > > http://www.microsoft.com/ - NONE/- text/html > > 1094744912.979 0 192.168.1.97 TCP_DENIED/407 1866 GET > > http://www.microsoft.com/ - NONE/- text/html > > 1094744913.136 0 192.168.1.97 TCP_DENIED/407 1792 GET > > http://www.microsoft.com/ - NONE/- text/html > > 1094744913.138 0 192.168.1.97 TCP_DENIED/407 1866 GET > > http://www.microsoft.com/ - NONE/- text/html > > > > Has anybody else experienced this with windows 2003 server? anybody > > know of a solution? > > > > ____________________________________________________________________ > > __ This email has been scanned by the MessageLabs Email Security > > System. > > For more information please visit http://www.messagelabs.com/email > > ____________________________________________________________________ > > __ > > ______________________________________________________________________ > This email has been scanned by the MessageLabs Email Security System. > For more information please visit http://www.messagelabs.com/email > ______________________________________________________________________ ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________Received on Thu Sep 09 2004 - 11:46:14 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Oct 01 2004 - 12:00:02 MDT