Hi Marko,
Squid's kerberos helper has debug mode. Just add '-d' switch to
'auth_param negotiate program /usr/sbin/squid_kerb_auth' string in
squid.conf file.
Also here are some useful information and tips:
http://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos#Troubleshooting_Tools
Best wishes,
Pavel
On 10/14/2013 06:10 PM, Marko Cupać wrote:
> I am trying to set up kerberos authentication in the following environment:
>
> Kerberos server: Windows 2008 R2 domain controller
> Proxy OS: FreeBSD 9.2-RELEASE amd64
> Squid version: squid-3.3.9
>
> The problem is the fact that kerberos authentication sporadically starts
> to work (no auth popups, cache log shows username of authenticated user)
> without any apparent reason, and then later it stops working (popping up
> auth window) showing the following in cache.log:
>
> 2013/10/14 17:00:10 kid1| ERROR: Negotiate Authentication validating user. Error returned 'BH gss_acquire_cred() failed: No credentials were supplied, or the credentials were unavailable or inaccessible.. unknown mech-code 0 for mech unknown'
>
> I have no idea how to start troubleshooting. Any tips?
>
Received on Mon Oct 14 2013 - 15:18:37 MDT
This archive was generated by hypermail 2.2.0 : Mon Oct 14 2013 - 12:00:09 MDT