On Fri, 5 Aug 2005, Carlos Zottmann wrote:
> Hi !! Thanks for the answers of both of you !!
>
> By stability issues, do you mean that Squid crashes with NTLM Challenge-Reuse?
Yes, there is at least two independent reports of this.
> The problem we are facing here is due to a bug in Windows Event Log.
> When the windows log file becomes greater than a certain size, smaller
> then the maximum size we have specified, it stops logging new events.
Nice.
> To prevent losing security logs, we decided to run a scheduled job
> that copies and empties de windows event log every four hours.
Sounds like a reasonable idea.
> Whenever this job runs, the DC becomes slow, and the ntlm helpers
> start to enter in "R" state, probably waiting for the DC response.
Hmm.. "R" is reserved, waiting for the client to send the next NTLMSSP
blob in the NTLM authentication handshake.
"B" is buzy waiting for the DC response.
You could try enabling challenge reuse in Squid to lower the number of
queries sent to the DC, but don't expect it to make magics and watch the
stability of your Squids after doing so.
Mvh
Henrik
Received on Tue Aug 09 2005 - 04:26:20 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Sep 01 2005 - 12:00:01 MDT