Dear
I would like to connect my squid 3.2 to the Active Directory 2003
All Kerberos settings should working
# /usr/bin/kinit Administrateur_at_MAISON.TOUZEAU.BIZ -V 2>&1
Password for Administrateur_at_MAISON.TOUZEAU.BIZ:
Authenticated to Kerberos v5
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: Administrateur_at_MAISON.TOUZEAU.BIZ
Valid starting Expires Service principal
12/13/11 17:10:26 12/14/11 03:10:24
krbtgt/MAISON.TOUZEAU.BIZ_at_MAISON.TOUZEAU.BIZ
renew until 12/14/11 17:10:26
Squid.conf
auth_param negotiate program /lib/squid3/negotiate_kerberos_auth -d -s
HTTP/squid32-64.touzeau.com
auth_param negotiate children 10
auth_param negotiate keep_alive on
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hour
authenticate_ip_ttl 60 seconds
authenticate_cache_garbage_interval 10 seconds
authenticate_ttl 0 hour
#--------- kerberos ACL settings
acl AUTHENTICATED proxy_auth REQUIRED
In events squid claim
011/12/13 17:11:27 kid1| ERROR: Negotiate Authentication validating
user. Error returned 'BH received type 1 NTLM token'
negotiate_kerberos_auth.cc(316): pid=23130 :2011/12/13 17:11:28|
negotiate_kerberos_auth: DEBUG: Got 'YR
TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw==' from squid
(length: 59).
negotiate_kerberos_auth.cc(379): pid=23130 :2011/12/13 17:11:28|
negotiate_kerberos_auth: DEBUG: Decode
'TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw==' (decoded
length: 40).
negotiate_kerberos_auth.cc(389): pid=23130 :2011/12/13 17:11:28|
negotiate_kerberos_auth: WARNING: received type 1 NTLM token
2011/12/13 17:11:28 kid2| ERROR: Negotiate Authentication validating
user. Error returned 'BH received type 1 NTLM token'
Where 'i am wrong ?
Received on Tue Dec 13 2011 - 17:27:08 MST
This archive was generated by hypermail 2.2.0 : Wed Dec 14 2011 - 12:00:03 MST