[squid-users] R: [squid-users] RE: Error with ntlm authentication

From: Guido Serassio <guido.serassio_at_acmeconsulting.it>
Date: Thu, 14 May 2009 10:12:16 +0200

Hi,

Wrong helper here:

> auth_param basic program c:/squid/libexec/mswin_ntlm_auth.exe -d

auth_param basic program c:/squid/libexec/mswin_auth.exe

Regards

Guido Serassio

Acme Consulting S.r.l. - Microsoft Certified Partner
Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY
Tel. : +39.011.9530135 Fax. : +39.011.9781115
Email: info_at_acmeconsulting.it
WWW: http://www.acmeconsulting.it/
  

> -----Original Message-----
> From: Delgado Contreras, Verónica [mailto:vdelgado_at_cajadeburgos.es]
> Sent: Wednesday 13 May 2009 9.11
> To: Guido Serassio; squid-users_at_squid-cache.org
> Subject: RE: [squid-users] RE: Error with ntlm authentication
>
> Hi,
>
> I have solved the Error 1054. But I also have this error.
>
> Type: Error
> User: N/A
> Source: Application Error
> Category: (100)
> EventID: 1000
>
> Description:
>
> Faulting application mswin_ntlm_auth.exe, version 0.0.0.0, faulting module
> msvcrt.dll, version 7.0.3790.3959, fault address 0x00037e23.
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>
>
>
> This is my configuration in squid.conf:
>
> auth_param ntlm program c:/squid/libexec/mswin_ntlm_auth.exe -d
> auth_param ntlm children 50
> auth_param basic program c:/squid/libexec/mswin_ntlm_auth.exe -d
> auth_param basic children 50
> auth_param basic keep_alive on
> auth_param ntlm keep_alive on
> auth_param negotiate keep_alive on
>
> auth_param basic credentialsttl 5 minutes
>
> external_acl_type AD_global_group %LOGIN c:/squid/libexec/mswin_check_ad_group.exe -D cajadeburgos.des -G -d
>
> acl GProxyUsers external AD_global_group c:/squid/etc/DomainUsers
> acl dstcomun dstdomain "C:/squid/etc/comun.acl"
> acl ntlm-users proxy_auth REQUIRED
> http_access allow ntlm-users GProxyUsers
>
>
> When a user opens a web page in a browser for the first time, the user and
> domain are sent and the proxy allows the web, but the next times the user
> and domain aren't sent and the proxy doesn't allow the web, and the Event
> Viewer Application log shows EventID 1000.
>
>
> It can be seen in the access.log file:
>
> 1242042166.237 782 172.24.4.123 TCP_MISS/302 612 GET http://go.microsoft.com/fwlink/? dodes\administrator DIRECT/64.4.52.189 text/html
> 1242042166.831 593 172.24.4.123 TCP_MISS/403 1010 GET http://runonce.msn.com/runonce3.aspx dodes\administrator DIRECT/213.199.181.20 text/html
> 1242042177.426 0 172.24.4.123 TCP_DENIED/407 1782 GET http://www.google.es/ - NONE/- text/html
>
> Thank you.
>
> Verónica Delgado
> Depto. Sistemas
> CAJA DE BURGOS
> C: 947 258 495
> : vdelgado_at_cajadeburgos.es
>
>
> -----Original Message-----
> From: Guido Serassio [mailto:guido.serassio_at_acmeconsulting.it]
> Sent: Tuesday, 12 May 2009 19:46
> To: Delgado Contreras, Verónica; squid-users_at_squid-cache.org
> Subject: R: [squid-users] RE: Error with ntlm authentication
>
> Hi,
>
> The errors that you can see in the event log of your machine are not
> related to Squid, but are the symptom of some malfunction in the access to
> AD from the machine itself.
> So likely any ntlm problem could be related.
>
> But, what is the helper's command line in squid.conf?
>
> Regards
>
> Guido Serassio
>
> Acme Consulting S.r.l. - Microsoft Certified Partner
> Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY
> Tel. : +39.011.9530135 Fax. : +39.011.9781115
> Email: info_at_acmeconsulting.it
> WWW: http://www.acmeconsulting.it/
>
>
>
> > -----Original Message-----
> > From: Delgado Contreras, Verónica [mailto:vdelgado_at_cajadeburgos.es]
> > Sent: Tuesday 12 May 2009 8.20
> > To: squid-users_at_squid-cache.org
> > Subject: [squid-users] RE: Error with ntlm authentication
> >
> >
> > Hello,
> >
> > I'm testing Squid 3 for Windows. I am trying to configure Squid with NTLM
> > authentication but I have an error in Event Viewer - Application.
> >
> > Type: Error
> > User: NT AUTHORITY\SYSTEM
> > Computer: LOBO
> > Source: Userenv
> > Category: None
> > Event ID: 1054
> > Description:
> > Windows cannot obtain the domain controller name for your computer network.
> > (An unexpected network error occurred. ). Group Policy processing aborted.
> >
> > For more information, see Help and Support Center at
> > http://go.microsoft.com/fwlink/events.asp.
> >
> >
> >
> >
> > And the “cache.log” shows this:
> >
> >
> >
> > ntlm-auth[2828](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
> > build Mar 6 2009, 23:32:18 starting up...
> > ntlm-auth[2828](ntlm_auth.c:391): SSPI initialized OK
> > ntlm-auth[796](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
> > build Mar 6 2009, 23:32:18 starting up...
> > ntlm-auth[796](ntlm_auth.c:391): SSPI initialized OK
> > ntlm-auth[5620](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
> > build Mar 6 2009, 23:32:18 starting up...
> > ntlm-auth[5620](ntlm_auth.c:391): SSPI initialized OK
> > ntlm-auth[2864](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
> > build Mar 6 2009, 23:32:18 starting up...
> > ntlm-auth[2864](ntlm_auth.c:391): SSPI initialized OK
> > ntlm-auth[5644](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
> > build Mar 6 2009, 23:32:18 starting up...
> > ntlm-auth[5644](ntlm_auth.c:391): SSPI initialized OK
> > 2009/05/11 12:56:47| helperOpenServers: Starting 5
> > 'mswin_check_ad_group.exe' processes
> > ntlm-auth[3248](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
> > build Mar 6 2009, 23:32:18 starting up...
> > ntlm-auth[3248](ntlm_auth.c:391): SSPI initialized OK
> > ntlm-auth[5980](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
> > build Mar 6 2009, 23:32:18 starting up...
> > ntlm-auth[5980](ntlm_auth.c:391): SSPI initialized OK
> > /mswin_check_ad_group.exe[3012]: Member of Domain DODES
> >
> > /mswin_check_ad_group.exe[3012]: Into forest cajadeburgos.des
> >
> > /mswin_check_ad_group.exe[3012]: External ACL win32 group helper build Mar 6 2009, 23:48:40 starting up...
> >
> > /mswin_check_ad_group.exe[3012]: Domain Global group mode enabled using
> > 'cajadeburgos.de' as default domain.
> >
> > ntlm-auth[5664](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
> > build Mar 6 2009, 23:32:18 starting up...
> > ntlm-auth[5664](ntlm_auth.c:391): SSPI initialized OK
> > /mswin_check_ad_group.exe[1160]: Member of Domain DODES
> >
> > /mswin_check_ad_group.exe[1160]: Into forest cajadeburgos.des
> >
> > /mswin_check_ad_group.exe[1160]: External ACL win32 group helper build Mar 6 2009, 23:48:40 starting up...
> >
> > /mswin_check_ad_group.exe[1160]: Domain Global group mode enabled using
> > 'cajadeburgos.de' as default domain.
> >
> > /mswin_check_ad_group.exe[3268]: Member of Domain DODES
> >
> > /mswin_check_ad_group.exe[3268]: Into forest cajadeburgos.des
> >
> > /mswin_check_ad_group.exe[3268]: External ACL win32 group helper build Mar 6 2009, 23:48:40 starting up...
> >
> > /mswin_check_ad_group.exe[3268]: Domain Global group mode enabled using
> > 'cajadeburgos.de' as default domain.
> >
> > /mswin_check_ad_group.exe[5656]: Member of Domain DODES
> >
> > /mswin_check_ad_group.exe[5656]: Into forest cajadeburgos.des
> >
> > /mswin_check_ad_group.exe[5656]: External ACL win32 group helper build Mar 6 2009, 23:48:40 starting up...
> >
> > /mswin_check_ad_group.exe[5656]: Domain Global group mode enabled using
> > 'cajadeburgos.de' as default domain.
> >
> > 2009/05/11 12:56:47| User-Agent logging is disabled.
> > 2009/05/11 12:56:47| Referer logging is disabled.
> > /mswin_check_ad_group.exe[3016]: Member of Domain DODES
> >
> > /mswin_check_ad_group.exe[3016]: Into forest cajadeburgos.des
> >
> > /mswin_check_ad_group.exe[3016]: External ACL win32 group helper build Mar 6 2009, 23:48:40 starting up...
> >
> > /mswin_check_ad_group.exe[3016]: Domain Global group mode enabled using
> > 'cajadeburgos.de' as default domain.
> >
> > 2009/05/11 12:56:47| Unlinkd pipe opened on FD 428
> > 2009/05/11 12:56:47| Local cache digest enabled; rebuild/rewrite every
> > 3600/3600 sec
> > 2009/05/11 12:56:47| Swap maxSize 1024000 KB, estimated 78769 objects
> > 2009/05/11 12:56:47| Target number of buckets: 3938
> > 2009/05/11 12:56:47| Using 8192 Store buckets
> > 2009/05/11 12:56:47| Max Mem size: 8192 KB
> > 2009/05/11 12:56:47| Max Swap size: 1024000 KB
> > 2009/05/11 12:56:48| Version 1 of swap file with LFS support detected...
> > 2009/05/11 12:56:48| Rebuilding storage in c:/squid/var/cache (CLEAN)
> > 2009/05/11 12:56:48| Using Least Load store dir selection
> > 2009/05/11 12:56:48| Set Current Directory to c:/squid/var/cache
> > 2009/05/11 12:56:48| Loaded Icons.
> > 2009/05/11 12:56:48| Accepting HTTP connections at 172.25.49.11, port 80, FD 434.
> > 2009/05/11 12:56:48| HTCP Disabled.
> > 2009/05/11 12:56:48| Ready to serve requests.
> > 2009/05/11 12:56:48| Done reading c:/squid/var/cache swaplog (951 entries)
> > 2009/05/11 12:56:48| Finished rebuilding storage from disk.
> > 2009/05/11 12:56:48| 951 Entries scanned
> > 2009/05/11 12:56:48| 0 Invalid entries.
> > 2009/05/11 12:56:48| 0 With invalid flags.
> > 2009/05/11 12:56:48| 951 Objects loaded.
> > 2009/05/11 12:56:48| 0 Objects expired.
> > 2009/05/11 12:56:48| 0 Objects cancelled.
> > 2009/05/11 12:56:48| 0 Duplicate URLs purged.
> > 2009/05/11 12:56:48| 0 Swapfile clashes avoided.
> > 2009/05/11 12:56:48| Took 0.34 seconds (2766.19 objects/sec).
> > 2009/05/11 12:56:48| Beginning Validation Procedure
> > 2009/05/11 12:56:48| Completed Validation Procedure
> > 2009/05/11 12:56:48| Validated 1927 Entries
> > 2009/05/11 12:56:48| store_swap_size = 8024
> > 2009/05/11 12:56:49| storeLateRelease: released 0 objects
> > ntlm-auth[3376](ntlm_auth.c:227): Got 'YR [...]' from Squid
> > ntlm-auth[3376](ntlm_auth.c:183): attempting SSPI challenge retrieval
> > ntlm-auth[3376](ntlm_auth.c:186): Got it
> > ntlm-auth[3376](ntlm_auth.c:266): sending 'TT [...]' to squid
> > ntlm-auth[3376](ntlm_auth.c:227): Got 'KK [...]' from Squid
> > ntlm-auth[3376](libntlmssp.c:269): checking domaicn: 'DODES', user:
> > 'Administrator'
> > /mswin_check_ad_group.exe[3012]: Got 'dodes%5Cadministrator
> > c:/squid/etc/DomainUsers' from Squid (length: 46).
> >
> > /mswin_check_ad_group.exe[3012]: Valid_Global_Groups: checking group
> > membership of 'dodes\administrator'.
> >
> > /mswin_check_ad_group.exe DsGetDcName() failed.'
> > ntlm-auth[5888](ntlm_auth.c:227): Got 'YR [...]' from Squid
> > ntlm-auth[5888](ntlm_auth.c:183): attempting SSPI challenge retrieval
> > ntlm-auth[5888](ntlm_auth.c:186): Got it
> > ntlm-auth[5888](ntlm_auth.c:266): sending 'TT [...]' to squid
> > ntlm-auth[5888](ntlm_auth.c:227): Got 'KK [...]' from Squid
> > ntlm-auth[5888](libntlmssp.c:269): checking domain: 'DODES', user:
> > 'Administrator'
> > ntlm-auth[1488](ntlm_auth.c:227): Got 'YR [...]' from Squid
> > ntlm-auth[1488](ntlm_auth.c:183): attempting SSPI challenge retrieval
> > ntlm-auth[1488](ntlm_auth.c:186): Got it
> > ntlm-auth[1488](ntlm_auth.c:266): sending 'TT [...]' to squid
> > ntlm-auth[1488](ntlm_auth.c:227): Got 'KK [...]' from Squid
> > ntlm-auth[1488](libntlmssp.c:269): checking domain: 'DODES', user:
> > 'Administrator'
> > ntlm-auth[2968](ntlm_auth.c:227): Got 'YR [...]' from Squid
> > ntlm-auth[2968](ntlm_auth.c:183): attempting SSPI challenge retrieval
> > ntlm-auth[2968](ntlm_auth.c:186): Got it
> > ntlm-auth[2968](ntlm_auth.c:266): sending 'TT [...]' to squid
> > ntlm-auth[2968](ntlm_auth.c:227): Got 'KK [...]' from Squid
> > ntlm-auth[2968](libntlmssp.c:269): checking domain: 'DODES', user:
> > 'Administrator'
> > ntlm-auth[4072](ntlm_auth.c:227): Got 'YR [...]' from Squid
> > ntlm-auth[4072](ntlm_auth.c:183): attempting SSPI challenge retrieval
> > ntlm-auth[4072](ntlm_auth.c:186): Got it
> >
> > What can be the problem?
> >
> > Thanks.
> >
> >
> > Verónica Delgado
> > Depto. Sistemas
> > CAJA DE BURGOS
> > C: 947 258 495
> > : vdelgado_at_cajadeburgos.es
> >

Received on Thu May 14 2009 - 08:12:55 MDT
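
The mistake pointed out in the reply above (an NTLM helper configured under `auth_param basic`) can be caught mechanically before Squid is restarted. The Python check below is an added example, not part of the original thread or of Squid; the helper-to-scheme table holds only the two helpers named in the thread, and the function name and sample text are assumptions made for illustration.

```python
import re

# Helper-to-scheme pairs taken from this thread only: mswin_ntlm_auth.exe is
# the helper used for "ntlm", mswin_auth.exe the one given for "basic".
HELPER_SCHEME = {
    "mswin_ntlm_auth.exe": "ntlm",
    "mswin_auth.exe": "basic",
}

# Constructed sample: auth_param lines as quoted in the thread.
SAMPLE_CONF = """\
auth_param ntlm program c:/squid/libexec/mswin_ntlm_auth.exe -d
auth_param ntlm children 50
auth_param basic program c:/squid/libexec/mswin_ntlm_auth.exe -d
auth_param basic children 50
auth_param basic keep_alive on
"""

# Matches only active "auth_param <scheme> program <path>" lines; lines that
# start with '#' never match, so commented-out entries are ignored.
PROGRAM_RE = re.compile(r"^\s*auth_param\s+(\S+)\s+program\s+(\S+)")


def find_helper_mismatches(conf_text):
    """Return (line_no, scheme, helper, expected_scheme) for every
    'auth_param ... program' line whose helper belongs to another scheme."""
    findings = []
    for line_no, line in enumerate(conf_text.splitlines(), start=1):
        match = PROGRAM_RE.match(line)
        if not match:
            continue
        scheme = match.group(1).lower()
        # Compare on the file name only; Windows paths may use / or \.
        helper = re.split(r"[\\/]", match.group(2))[-1].lower()
        expected = HELPER_SCHEME.get(helper)
        if expected is not None and expected != scheme:
            findings.append((line_no, scheme, helper, expected))
    return findings


if __name__ == "__main__":
    for line_no, scheme, helper, expected in find_helper_mismatches(SAMPLE_CONF):
        print(f"line {line_no}: '{helper}' is a {expected} helper, "
              f"but is configured for scheme '{scheme}'")
```

Helpers that are not in the table are skipped rather than flagged, so the table has to be extended for any other helper in use.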
