I'm having the exact same issue as John Treen had back in February 2011 as found in the list archives. Unfortunately I couldn't find a corresponding solution.
http://www.squid-cache.org/mail-archive/squid-users/201102/0008.html
It appears that WSUS only sends the first character of the username, hostname and domain instead of the full string. This of course causes WSUS to fail the authentication challenge from Squid.
16.693705 199.58.55.61 -> 199.58.55.66 HTTP CONNECT stats.update.microsoft.com:443 HTTP/1.1 , NTLMSSP_NEGOTIATE
16.693732 199.58.55.66 -> 199.58.55.61 TCP http-alt > 57476 [ACK] Seq=1 Ack=200 Win=6912 Len=0
16.694616 199.58.55.66 -> 199.58.55.61 TCP [TCP segment of a reassembled PDU]
16.694641 199.58.55.66 -> 199.58.55.61 HTTP HTTP/1.0 407 Proxy Authentication Required , NTLMSSP_CHALLENGE (text/html)
16.695567 199.58.55.61 -> 199.58.55.66 TCP 57476 > http-alt [ACK] Seq=200 Ack=2921 Win=65536 Len=0
16.696041 199.58.55.61 -> 199.58.55.66 TCP 57476 > http-alt [RST, ACK] Seq=200 Ack=4144 Win=0 Len=0
16.696182 199.58.55.61 -> 199.58.55.66 TCP 57477 > http-alt [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=8
16.696216 199.58.55.66 -> 199.58.55.61 TCP http-alt > 57477 [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460 WS=7
16.696417 199.58.55.61 -> 199.58.55.66 TCP 57477 > http-alt [ACK] Seq=1 Ack=1 Win=65536 Len=0
16.696670 199.58.55.61 -> 199.58.55.66 HTTP CONNECT stats.update.microsoft.com:443 HTTP/1.1 , NTLMSSP_AUTH, User: C\u
Does anyone know if there was a solution for this posted to the mailing list?
-- Kevin Elliott Network Specialist City and Borough of Juneau, MIS (907) 586 - 0905Received on Fri Jun 08 2012 - 19:43:02 MDT
This archive was generated by hypermail 2.2.0 : Sat Jun 09 2012 - 12:00:02 MDT