Looks like I got it working. Not sure exactly why all of a sudden it
stopped but with Kinkie's help we cleaned up my squid.conf file and
(I'm not sure if this helped) reconnected to the domain. I think I
was already connected but redid to be on the safe side.
Eric
On Wed, Sep 25, 2013 at 1:59 PM, Kinkie <gkinkie_at_gmail.com> wrote:
> That's the way NTLM is supposed to work. It requires 2x 407 DENIED for
> each new tcp connection.
>
> On Wed, Sep 25, 2013 at 7:36 PM, Eric Vanderveer
> <eric_at_ericvanderveer.com> wrote:
>> I see "The reply for POST http://somedomain.com is DENIED because it
>> matched 'ntlm_auth' but then right after I see the same thing but it
>> says is ALLOWED.
>>
>> On Wed, Sep 25, 2013 at 1:30 PM, Eric Vanderveer
>> <eric_at_ericvanderveer.com> wrote:
>>> Still at a loss on this. If anyone has an idea let me know.
>>>
>>>
>>> On Wed, Sep 25, 2013 at 12:57 PM, Eric Vanderveer
>>> <eric_at_ericvanderveer.com> wrote:
>>>> I am assuming you mean -V and its Version 3.6.3
>>>>
>>>> On Wed, Sep 25, 2013 at 12:56 PM, Kinkie <gkinkie_at_gmail.com> wrote:
>>>>> can you do a ntlm_auth -v?
>>>>>
>>>>> On Wed, Sep 25, 2013 at 6:54 PM, Eric Vanderveer
>>>>> <eric_at_ericvanderveer.com> wrote:
>>>>>> I am using /usr/bin/ntlm_auth with squid.
>>>>>>
>>>>>> On Wed, Sep 25, 2013 at 12:53 PM, Kinkie <gkinkie_at_gmail.com> wrote:
>>>>>>> so it's kerberos, not ntlm, is it?
>>>>>>>
>>>>>>> On Wed, Sep 25, 2013 at 6:52 PM, Eric Vanderveer
>>>>>>> <eric_at_ericvanderveer.com> wrote:
>>>>>>>> I already rejoined to the domain. I checked to make sure and I can
>>>>>>>> see the certificate when i do a klist.
>>>>>>>>
>>>>>>>> On Wed, Sep 25, 2013 at 12:45 PM, Kinkie <gkinkie_at_gmail.com> wrote:
>>>>>>>>> What kind of ntlm auth helper are you using? Samba's?
>>>>>>>>>
>>>>>>>>> If so, othe simplest reason I can think of without additional info is
>>>>>>>>> that your machine account in AD went stale for some reason.. can you
>>>>>>>>> try rejoining the domain?
>>>>>>>>>
>>>>>>>>> On Wed, Sep 25, 2013 at 6:27 PM, Eric Vanderveer
>>>>>>>>> <eric_at_ericvanderveer.com> wrote:
>>>>>>>>>> Hi,
>>>>>>>>>> I have been running squid, dansguardian and ntlm_authentication for
>>>>>>>>>> about 2 months now with no problem. This morning it stopped working.
>>>>>>>>>> I can no longer surf and I get login pop ups on my window clients. On
>>>>>>>>>> the squid server I can see the domain and its users so I am connected.
>>>>>>>>>> My cache.log is showing a lot of stuff but most of it is greek to me.
>>>>>>>>>> Here is a snippet....
>>>>>>>>>>
>>>>>>>>>> http://pastebin.com/YryKkC0J
>>>>>>>>>>
>>>>>>>>>> Any ideas?
>>>>>>>>>>
>>>>>>>>>> Thanks
>>>>>>>>>> Eric Vanderveer
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> /kinkie
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> /kinkie
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> /kinkie
>
>
>
> --
> /kinkie
Received on Thu Sep 26 2013 - 11:34:35 MDT
This archive was generated by hypermail 2.2.0 : Thu Sep 26 2013 - 12:00:04 MDT