On 31/05/2012 1:46 a.m., Usuário do Sistema wrote:
> Hello guys, I'm with the same issue that I had some moth ago sometimes
> my squid can't authenticate. follows the log from cache. log
>
> 2012/05/29 10:41:44| WARNING: up to 20 pending requests queued
> 2012/05/29 10:41:44| Consider increasing the number of
> ntlmauthenticator processes to at least 40 in your config file
>
> I wonder if I need grow my parameter "auth_param ntlm children". about
> 5 moth ago I've grown it from 5 to 20 because the same problem. until
> now has been resolved.
> but the problem seems come back so I wonder if there is other thing
> that might to be the cause ?!?!
>
> follow my parameter in the squid.conf
>
> auth_param ntlm program /usr/bin/ntlm_auth becomex/srv-ad1
> --helper-protocol=squid-2.5-ntlmssp
> auth_param ntlm children 20
> auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
> auth_param basic children 20
> auth_param basic realm Controle de acesso a Internet
> auth_param basic credentialsttl 2 hours
>
> there might are others things beyond these parameter "ntlm children" ?
There are a few things. In no particular order they are:
increasing TCP connection persistence,
increasing the number of helpers (children) as suggested by Squid.
decreasing lag for Winbind lookups,
decreasing the amount of client traffic (hahaha)
decreasing the number of auth requests needed by Squid (ie polishing
squid.conf access rules)
migrating to Negotiate/Kerberos protocol
Amos
Received on Fri Jun 01 2012 - 05:07:24 MDT
This archive was generated by hypermail 2.2.0 : Fri Jun 01 2012 - 12:00:06 MDT