[squid-users] Re: Re: Re: Squid Kerberos authentication error

What is the proxy name you use in the IE configuration ? What are the
other browsers / systems which work ?

Markus

<vmnavas_at_gmail.com> wrote in message
news:903157024-1340705263-cardhu_decombobulator_blackberry.rim.net-1488955688-_at_b2.c1.bise7.blackberry...
> Now its working in all browsers but not in IE with windows XP. My active
> directory is in windows 2003
> ------Original Message------
> From: Mohamed Navas
> To: 'Markus Moeller'
> To: squid-users_at_squid-cache.org
> Subject: RE: [squid-users] Re: Re: Squid Kerberos authentication error
> Sent: 26 Jun 2012 9:27 AM
>
> I could solve the issue by creating keytabs within the MS server and
> exported to Linux machine and is working fine with msktutils itself...
> Still do not find out the reason for not created it in Linux machine !
>
> -----Original Message-----
> From: Markus Moeller [mailto:huaraz_at_moeller.plus.com]
> Sent: Sunday, June 24, 2012 9:39 PM
> To: squid-users_at_squid-cache.org
> Subject: [squid-users] Re: Re: Squid Kerberos authentication error
>
> You can use samba to create the keytab, but you mustn't use any samba
> daemon as the daemon will reset the key in AD after a predefined time and
> thereby invalidate the key in your keytab.
>
> Regards
> Markus
>
>
> "Navas" <vmnavas_at_gmail.com> wrote in message
> news:4c9801cd520a$34f4ee30$9edeca90$@gmail.com...
>> One more thing I am using Samba, I could not use mskutil. Is there any
>> issue with Kerberos and Samba.
>> OS: Redhat EL6.2
>> squid-3.1
>>
>> thanks,
>>
>> -----Original Message-----
>> From: Markus Moeller [mailto:huaraz_at_moeller.plus.com]
>> Sent: Sunday, June 24, 2012 2:59 PM
>> To: squid-users_at_squid-cache.org
>> Subject: [squid-users] Re: Squid Kerberos authentication error
>>
>> Can you check that the squid user has read access to the Kerberos keytab
> ?
>> Did you set the environment variable KRB5_KTNAME pointing to the
>> Kerberos keytab in the startup script ?
>>
>> Markus
>>
>> "Navas" <vmnavas_at_gmail.com> wrote in message
>> news:000301cd51e5$7f9e64e0$7edb2ea0$@gmail.com...
>>> Hi,
>>> I am trying to setup squid to authenticate as AD with kerberos as
>>> per the following document
>>>
>>> http://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActive
>>> D
>>> irecto
>>> ry
>>>
>>> but I am getting following error in cache log,
>>>
>>> authenticateNegotiateHandleReply: Error validating user via Negotiate.
>>> Error
>>> returned 'BH gss_acquire_cred() failed: Unspecified GSS failure.
>>> Minor code may provide more information. Unknown error'
>>>
>>> appreciated for your kind help ..
>>>
>>> thanks,
>>>
>>> abusam
>>>
>>>
>>
>>
>>
>>
>
>
>
> Sent from my BlackBerry® smartphone from du
Received on Tue Jun 26 2012 - 20:17:26 MDT