[squid-users] FATAL: The ntlmauthenticator helpers are crashing too rapidly, need help!

From: Nate Ressel <nressel@dont-contact.us>
Date: Thu, 01 Jun 2006 15:08:45 -0500

I cannot get squid to stay running... it keeps crashing. I am trying to
get it to authenticate with AD2003. I get good responses from wbinfo
and also from kinit. I have searched high and low for an answer, but
have only found the same problem from others. Any suggestions?

Thanks,
Nate

SMB.CONF
[global]
workgroup = ****
realm = STJOSEPHSWB.COM
netbios name = ONEFISH
security = ads
encrypt passwords = yes
password server = ****.stjosephswb.com
winbind separator = /
idmap uid = 10000-20000
idmap gid = 10000-20000
smb ports = 445
winbind enum users = yes
winbind enum groups = yes

[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No

krb5.conf
[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 ticket_lifetime = 24000
 default_realm = STJOSEPHSWB.COM
 default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
 default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc
# permitted_enctypes = des3-hmac-sha1 des-cbc-crc
 dns_lookup_realm = false
 dns_lookup_kdc = true
 kdc_req_checksum_type = 2
 checksum_type = 2
 ccache_type = 1
 proxiable = true
 forwardable = yes

[realms]
 STJOSEPHSWB.COM = {
  kdc = ****.STJOSEPHSWB.COM:88
  admin_server = ****.stjosephswb.com:749
  default_domain = stjosephswb.com
 }

[domain_realm]
 .stjosephswb.com = ****.STJOSEPHSWB.COM
 stjosephswb.com = ****.STJOSEPHSWB.COM

[kdc]
 profile = /var/kerberos/krb5kdc/kdc.conf

[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
 }

CACHE.LOG

2006/06/01 14:20:42| Starting Squid Cache version 2.5.STABLE14 for
i386-redhat-linux-gnu...
2006/06/01 14:20:42| Process ID 11692
2006/06/01 14:20:42| With 1024 file descriptors available
2006/06/01 14:20:42| Performing DNS Tests...
2006/06/01 14:20:42| Successful DNS name lookup tests...
2006/06/01 14:20:42| DNS Socket created at 0.0.0.0, port 32775, FD 5
2006/06/01 14:20:42| Adding nameserver 172.20.16.185
from /etc/resolv.conf
2006/06/01 14:20:42| Adding nameserver 172.20.40.10
from /etc/resolv.conf
2006/06/01 14:20:42| helperStatefulOpenServers: Starting 10 'ntlm_auth'
processes
2006/06/01 14:20:42| User-Agent logging is disabled.
2006/06/01 14:20:42| Referer logging is disabled.
2006/06/01 14:20:42| Unlinkd pipe opened on FD 20
2006/06/01 14:20:42| Swap maxSize 102400 KB, estimated 7876 objects
2006/06/01 14:20:42| Target number of buckets: 393
2006/06/01 14:20:42| Using 8192 Store buckets
2006/06/01 14:20:42| Max Mem size: 8192 KB
2006/06/01 14:20:42| Max Swap size: 102400 KB
2006/06/01 14:20:42| Local cache digest enabled; rebuild/rewrite every
3600/3600 sec
2006/06/01 14:20:42| Rebuilding storage in /var/spool/squid (DIRTY)
2006/06/01 14:20:42| Using Least Load store dir selection
2006/06/01 14:20:42| Set Current Directory to /var/squid/cache
2006/06/01 14:20:42| Loaded Icons.
2006/06/01 14:20:42| Accepting HTTP connections at 0.0.0.0, port 3128,
FD 22.
2006/06/01 14:20:42| Accepting ICP messages at 0.0.0.0, port 3130, FD
23.
2006/06/01 14:20:42| WCCP Disabled.
2006/06/01 14:20:42| Ready to serve requests.
2006/06/01 14:20:42| WARNING: ntlmauthenticator #1 (FD 7) exited
2006/06/01 14:20:42| WARNING: ntlmauthenticator #2 (FD 8) exited
2006/06/01 14:20:42| WARNING: ntlmauthenticator #3 (FD 9) exited
2006/06/01 14:20:42| WARNING: ntlmauthenticator #4 (FD 10) exited
2006/06/01 14:20:42| WARNING: ntlmauthenticator #5 (FD 11) exited
2006/06/01 14:20:42| Too few ntlmauthenticator processes are running
FATAL: The ntlmauthenticator helpers are crashing too rapidly, need
help!

**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.

www.mimesweeper.com
**********************************************************************
Received on Thu Jun 01 2006 - 14:08:37 MDT

This archive was generated by hypermail pre-2.1.9 : Sat Jul 01 2006 - 12:00:01 MDT