How does your configuration look like ? How did you create the keytab file ?
Markus
"Mohamed Navas" <vmnavas_at_gmail.com> wrote in message
news:CAJa81O71_pG63hu7XGW2om6EOBGTS8y-=xDbSRAyaZgCANaJgw_at_mail.gmail.com...
> Hi,
>
> I have setup the squid authentication with windows 2003 Domain
> controller. But it's working well with NTLM, but failed with kerberso
> ..getting following error:-
>
> =====================================================================
> 2012/07/02 15:07:17| squid_kerb_auth: ERROR: gss_accept_sec_context()
> failed: Unspecified GSS failure. Minor code may provide more
> information.
> 2012/07/02 15:07:17| negotiate_wrapper: Return 'BH
> gss_accept_sec_context() failed: Unspecified GSS failure. Minor code
> may provide more information.
> '
> 2012/07/02 15:07:17| authenticateNegotiateHandleReply: Error
> validating user via Negotiate. Error returned 'BH
> gss_accept_sec_context() failed: Unspecified GSS failure. Minor code
> may provide more information
>
> =======================================================================
>
> mr krb5.conf file is:-
>
> [logging]
> default = FILE:/var/log/krb5libs.log
> kdc = FILE:/var/log/krb5kdc.log
> admin_server = FILE:/var/log/kadmind.log
>
> [libdefaults]
> default_realm = DXBPET.SYSNET.ROOT
> dns_lookup_realm = false
> dns_lookup_kdc = false
> ticket_lifetime = 24h
> renew_lifetime = 7d
> forwardable = true
> #default_keytab_name = /etc/squid/HTTP.keytab
> #allow_weak_crypto = yes
>
>
> ; for Windows 2003
> default_tgs_enctypes = rc4-hmac des-cbc-crc des-cbc-md5
> default_tkt_enctypes = rc4-hmac des-cbc-crc des-cbc-md5
> permitted_enctypes = rc4-hmac des-cbc-crc des-cbc-md5
>
> [realms]
> DXBPET.DUBAIPETROLEUM.ROOT = {
> kdc = dxbjadc12.dxbpet.sysnet.root
> admin_server = dxbjadc12.dxbpet.sysnet.root
> kdc = 10.97.8.122
> }
>
> [domain_realm]
> .dxbpet.sysnet.root = DXBPET.SYSNET.ROOT
> dxbpet.sysnet.root = DXBPET.SYSNET.ROOT
>
Received on Mon Jul 02 2012 - 21:40:19 MDT
This archive was generated by hypermail 2.2.0 : Tue Jul 03 2012 - 12:00:02 MDT