Re: [squid-users] Random authentication popups from pwasenda@dont-contact.us on 2006-06-18 (squid-users)

From: <pwasenda@dont-contact.us>
Date: Sun, 18 Jun 2006 17:19:58 +0300

there lots of options in internet explorer -- Tools-> Internet Options ->
security Tab --- select a zone and choose "custom level button". there is a
field for "user authentication below" have you tried playing around with these
?

you could also try enabling "use http 1.1 through proxy connections" under the
advanced TAB.

could be of some help.

Quoting Adrian Chadd <adrian@creative.net.au>:

> Is there any possibility of getting some funding for this work?
>
> Its not for me: I don't know much about the NT code at all.
> But I'm sure there's a squid developer or two there who is willing
> to sort through all of the niggling NTLM authentication problems.
>
>
>
> Adrian
>
> On Sun, Jun 18, 2006, Scott Jarkoff wrote:
> > I would truly love to say otherwise, however I have been unable to
> > reconcile this problem once and for all. While the popups do not
> > appear to be as frequent as they used to be, after a minor
> > modification to my smb.conf file, they are still present. Because of
> > this I am unable to get Squid deployed throughout our enterprise.
> >
> >
> > scott
> >
> >
> > On 6/16/06, Ngo, Toan <tngo@midway.com> wrote:
> > >Are there any more suggestions on the random auth prompts?
> > >
> > >Thanks.
> > >
> > >-----Original Message-----
> > >From: Ngo, Toan
> > >Sent: Monday, June 05, 2006 9:09 AM
> > >To: Guido Serassio; Visolve squid; Scott Jarkoff
> > >Cc: squid-users@squid-cache.org
> > >Subject: RE: [squid-users] Random authentication popups
> > >
> > >SMB.CONF
> > >
> > > [global]
> > > workgroup = DOMAIN
> > > realm = DOMAIN.COM
> > > netbios name = PROXY-01
> > >
> > > server string = Proxy Server
> > > log file = /var/log/samba/%m.log
> > > security = ads
> > > password server = dc1.domain.com dc2.domain.com dc3.domain.com
> > >
> > > idmap uid = 16777216-33554431
> > > idmap gid = 16777216-33554431
> > > winbind separator= \\
> > > # allow enumeration of winbind users and groups
> > > winbind enum users = yes
> > > winbind enum groups = yes
> > ># winbind use default domain = yes
> > > template shell = /sbin/nologin
> > > encrypt passwords = yes
> > > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> > > local master = no
> > > wins server = x.x.x.x
> > > dns proxy = no
> > >
> > >SQUID.CONF
> > >auth_param ntlm program /usr/bin/ntlm_auth
> > >--helper-protocol=squid-2.5-ntlmssp
> > >auth_param ntlm children 50
> > >auth_param ntlm max_challenge_reuses 0
> > >auth_param ntlm max_challenge_lifetime 2 minutes
> > >auth_param ntlm use_ntlm_negotiate on
> > >auth_param basic program /usr/bin/ntlm_auth
> > >--helper-protocol=squid-2.5-basic
> > >auth_param basic children 10
> > >auth_param basic realm Squid proxy-caching web server
> > >auth_param basic credentialsttl 3 minutes
> > >
> > >-----Original Message-----
> > >From: Guido Serassio [mailto:guido.serassio@acmeconsulting.it]
> > >Sent: Saturday, June 03, 2006 2:05 AM
> > >To: Ngo, Toan; Visolve squid; Scott Jarkoff
> > >Cc: squid-users@squid-cache.org
> > >Subject: RE: [squid-users] Random authentication popups
> > >
> > >Hi,
> > >
> > >At 01.34 03/06/2006, Ngo, Toan wrote:
> > >
> > >>I get these messages in cache.log.
> > >>
> > >>[2006/06/02 16:22:51, 1] libsmb/ntlmssp.c:ntlmssp_update(252)
> > >> got NTLMSSP command 3, expected 1
> > >>[2006/06/02 16:24:30, 1] libsmb/ntlmssp.c:ntlmssp_update(252)
> > >> got NTLMSSP command 3, expected 1
> > >>[2006/06/02 16:25:39, 1] libsmb/ntlmssp.c:ntlmssp_update(252)
> > >> got NTLMSSP command 1, expected 3
> > >>[2006/06/02 16:26:04, 1] libsmb/ntlmssp.c:ntlmssp_update(252)
> > >> got NTLMSSP command 3, expected 1
> > >>
> > >>Any ideas? Are others seeing the same log messages when the random
> > >>login prompts?
> > >
> > >This is the trace of some out of order NTLM packets, the messages
> > >come from Samba's ntlm_auth helper.
> > >
> > > From your previous message, I can read that you are using Samba
> > >3.0.14a, 3.0.22 would be better, please do you can post your smb.conf
> > >and the auth_param section of your squid.conf.
> > >
> > >Regards
> > >
> > >Guido
> > >
> > >
> > >
> > >-
> > >========================================================
> > >Guido Serassio
> > >Acme Consulting S.r.l. - Microsoft Certified Partner
> > >Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY
> > >Tel. : +39.011.9530135 Fax. : +39.011.9781115
> > >Email: guido.serassio@acmeconsulting.it
> > >WWW: http://www.acmeconsulting.it/
> > >
> > >
> > >
> > >
> > >
> > >
> >
> >
> > --
> > Scott Jarkoff
>
>

wase
---------------------------------------------------------------

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
Received on Sun Jun 18 2006 - 08:30:22 MDT

This archive was generated by hypermail pre-2.1.9 : Sat Jul 01 2006 - 12:00:01 MDT