RE: [squid-users] NTLMSSP_AUTH fails with WSUS 3.0SP2

Absolutely. I hope I'm not coming off as insinuating this is an issue with Squid.

I'm just following the bread crumbs and since someone else had the same issue about a year ago, I was just curious if the solution was ever posted back to the mailing list.

I'll head on over to TechNet in any case...

Cheers.

> -----Original Message-----
> From: Amos Jeffries [mailto:squid3_at_treenet.co.nz]
> Sent: Friday, June 08, 2012 9:35 PM
> To: squid-users_at_squid-cache.org
> Subject: Re: [squid-users] NTLMSSP_AUTH fails with WSUS 3.0SP2
>
> On 9/06/2012 7:38 a.m., Kevin Elliott wrote:
> > I'm having the exact same issue as John Treen had back in
> February 2011 as found in the list archives. Unfortunately I
> couldn't find a corresponding solution.
> >
> > http://www.squid-cache.org/mail-archive/squid-users/201102/0008.html
> >
> >
> > It appears that WSUS only sends the first character of the
> username, hostname and domain instead of the full string.
> This of course causes WSUS to fail the authentication
> challenge from Squid.
> >
> > 16.693705 199.58.55.61 -> 199.58.55.66 HTTP CONNECT
> stats.update.microsoft.com:443 HTTP/1.1 , NTLMSSP_NEGOTIATE
> > 16.693732 199.58.55.66 -> 199.58.55.61 TCP http-alt>
> 57476 [ACK] Seq=1 Ack=200 Win=6912 Len=0
> > 16.694616 199.58.55.66 -> 199.58.55.61 TCP [TCP segment
> of a reassembled PDU]
> > 16.694641 199.58.55.66 -> 199.58.55.61 HTTP HTTP/1.0 407
> Proxy Authentication Required , NTLMSSP_CHALLENGE (text/html)
> > 16.695567 199.58.55.61 -> 199.58.55.66 TCP 57476>
> http-alt [ACK] Seq=200 Ack=2921 Win=65536 Len=0
> > 16.696041 199.58.55.61 -> 199.58.55.66 TCP 57476>
> http-alt [RST, ACK] Seq=200 Ack=4144 Win=0 Len=0
> > 16.696182 199.58.55.61 -> 199.58.55.66 TCP 57477>
> http-alt [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=8
> > 16.696216 199.58.55.66 -> 199.58.55.61 TCP http-alt>
> 57477 [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460 WS=7
> > 16.696417 199.58.55.61 -> 199.58.55.66 TCP 57477>
> http-alt [ACK] Seq=1 Ack=1 Win=65536 Len=0
> > 16.696670 199.58.55.61 -> 199.58.55.66 HTTP CONNECT
> > stats.update.microsoft.com:443 HTTP/1.1 , NTLMSSP_AUTH, User: C\u
> >
> >
> > Does anyone know if there was a solution for this posted to
> the mailing list?
>
> What would you expect Squid to do when the incorrect
> username/password are sent?
>
> It seems to me the WSUS help groups are the best place to
> find out why this truncation behaviour is happening and how to fix it.
>
> Amos
>
>
Received on Sat Jun 09 2012 - 21:55:25 MDT