Re: [squid-users] Random authentication popups

I would truly love to say otherwise, however I have been unable to
reconcile this problem once and for all. While the popups do not
appear to be as frequent as they used to be, after a minor
modification to my smb.conf file, they are still present. Because of
this I am unable to get Squid deployed throughout our enterprise.

scott

On 6/16/06, Ngo, Toan <tngo@midway.com> wrote:
> Are there any more suggestions on the random auth prompts?
>
> Thanks.
>
> -----Original Message-----
> From: Ngo, Toan
> Sent: Monday, June 05, 2006 9:09 AM
> To: Guido Serassio; Visolve squid; Scott Jarkoff
> Cc: squid-users@squid-cache.org
> Subject: RE: [squid-users] Random authentication popups
>
> SMB.CONF
>
> [global]
> workgroup = DOMAIN
> realm = DOMAIN.COM
> netbios name = PROXY-01
>
> server string = Proxy Server
> log file = /var/log/samba/%m.log
> security = ads
> password server = dc1.domain.com dc2.domain.com dc3.domain.com
>
> idmap uid = 16777216-33554431
> idmap gid = 16777216-33554431
> winbind separator= \\
> # allow enumeration of winbind users and groups
> winbind enum users = yes
> winbind enum groups = yes
> # winbind use default domain = yes
> template shell = /sbin/nologin
> encrypt passwords = yes
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> local master = no
> wins server = x.x.x.x
> dns proxy = no
>
> SQUID.CONF
> auth_param ntlm program /usr/bin/ntlm_auth
> --helper-protocol=squid-2.5-ntlmssp
> auth_param ntlm children 50
> auth_param ntlm max_challenge_reuses 0
> auth_param ntlm max_challenge_lifetime 2 minutes
> auth_param ntlm use_ntlm_negotiate on
> auth_param basic program /usr/bin/ntlm_auth
> --helper-protocol=squid-2.5-basic
> auth_param basic children 10
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 3 minutes
>
> -----Original Message-----
> From: Guido Serassio [mailto:guido.serassio@acmeconsulting.it]
> Sent: Saturday, June 03, 2006 2:05 AM
> To: Ngo, Toan; Visolve squid; Scott Jarkoff
> Cc: squid-users@squid-cache.org
> Subject: RE: [squid-users] Random authentication popups
>
> Hi,
>
> At 01.34 03/06/2006, Ngo, Toan wrote:
>
> >I get these messages in cache.log.
> >
> >[2006/06/02 16:22:51, 1] libsmb/ntlmssp.c:ntlmssp_update(252)
> > got NTLMSSP command 3, expected 1
> >[2006/06/02 16:24:30, 1] libsmb/ntlmssp.c:ntlmssp_update(252)
> > got NTLMSSP command 3, expected 1
> >[2006/06/02 16:25:39, 1] libsmb/ntlmssp.c:ntlmssp_update(252)
> > got NTLMSSP command 1, expected 3
> >[2006/06/02 16:26:04, 1] libsmb/ntlmssp.c:ntlmssp_update(252)
> > got NTLMSSP command 3, expected 1
> >
> >Any ideas? Are others seeing the same log messages when the random
> >login prompts?
>
> This is the trace of some out of order NTLM packets, the messages
> come from Samba's ntlm_auth helper.
>
> From your previous message, I can read that you are using Samba
> 3.0.14a, 3.0.22 would be better, please do you can post your smb.conf
> and the auth_param section of your squid.conf.
>
> Regards
>
> Guido
>
>
>
> -
> ========================================================
> Guido Serassio
> Acme Consulting S.r.l. - Microsoft Certified Partner
> Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY
> Tel. : +39.011.9530135 Fax. : +39.011.9781115
> Email: guido.serassio@acmeconsulting.it
> WWW: http://www.acmeconsulting.it/
>
>
>
>
>
>

-- 
Scott Jarkoff