I was having this problem and by "gradually" augmenting the authenticators
from the default of 5 the problem has disappear.
I gradully increased the number of auth from 5 to 25. If I hear someone was
promt for password, I get them to log out and to login again, then I would
increase the number from say 25 to 27...
auth_param ntlm children 25
I hope this helps?
Regards
George
"Simon Bryan"
<sbryan@olmc.nsw. To: "Alexander Kiselev" <akiselev@mow-co.ru.dhl.com>,
edu.au> "Igor Luiz Oliveira de Souza" <igorluiz@magiclink.com.br>
cc: <squid-users@squid-cache.org>
08/04/2003 03:57 Subject: RE: AW: [squid-users] SQUID NTLM pop up password
PM
Please respond to
sbryan
Could this be an authenticate ttl problem?
> -----Original Message-----
> From: Alexander Kiselev [mailto:akiselev@mow-co.ru.dhl.com]
> Sent: Tue, 8. April 2003 3:25 PM
> To: Igor Luiz Oliveira de Souza; Henrik Nordstrom
> Cc: squid-users@squid-cache.org
> Subject: Re: AW: [squid-users] SQUID NTLM pop up password
>
>
> Hi Igor & Henrik,
>
> I'm using winbind (wbntml_auth) and have the same problem.
> Moreover, i run winbind daemon in debug level with "-d" option and found
> that when the user got pop up password prompt in IExplorer, i've got the
> following error message in cache.log:
>
> (wb_ntlmauth)[26270](wb_ntlm_auth.c:246): winbindd result: 0
> (wb_ntlmauth)[26270](wb_ntlm_auth.c:66): sending 'AF cis\mmeshik' to
squid
> (wb_ntlmauth)[26277](wb_ntlm_auth.c:246): winbindd result: 1
> (wb_ntlmauth)[26277](wb_ntlm_auth.c:60): sending 'NA CIS\MMESHIK auth
> failure because: Authentication Failure (NT_STATUS_WRONG_PASSWORD)'
>
> BUT user didn't specified its password ...
>
> --
> Cheers,
> Alex
>
>
> ----- Original Message -----
> From: "Igor Luiz Oliveira de Souza" <igorluiz@magiclink.com.br>
> To: "Henrik Nordstrom" <hno@squid-cache.org>
> Cc: <squid-users@squid-cache.org>
> Sent: Tuesday, April 08, 2003 1:52 AM
> Subject: Re: AW: [squid-users] SQUID NTLM pop up password
>
>
> > I'm using SMB (ntlm_auth).
> >
> > Regards,
> >
> > Igor Souza
> >
> > Em Seg, 2003-04-07 ŕs 18:30, Henrik Nordstrom escreveu:
> > > Which ntlm helper are you using?
> > >
> > > SMB (ntlm_auth) or winbind (wbntml_auth)?
> > >
> > > Regards
> > > Henrik
> > >
> > >
> > >
> > > Mrvka Andreas wrote:
> > > >
> > > > hi!
> > > >
> > > > i have the same problem, and here i've been told that the
> > > > client makes some ntlm handshake with the nt domain
> > > > and sometimes during this transaction the browser looses
> > > > sometimes a session paket. or talking between these 2 pcs
> was too slow
> > > > or something like that.
> > > >
> > > > in my company i say, this is a security feature :o)
> > > >
> > > > king regards,
> > > > Andreas
> > > >
> > > > -----Ursprüngliche Nachricht-----
> > > > Von: Igor Luiz Oliveira de Souza [mailto:igorluiz@magiclink.com.br]
> > > > Gesendet: Montag, 07. April 2003 18:51
> > > > An: squid-users@squid-cache.org
> > > > Betreff: [squid-users] SQUID NTLM pop up password
> > > >
> > > > Hello all,
> > > >
> > > > I just installed Squid 2.5stable2 using NTLM Auth. (Linux Slackware
> 8.1,
> > > > kernel 2.4.18, Samba 2.2.8)
> > > > The authentication is working fine, I'm making control of
> users group
> > > > that can login, etc...
> > > > But one problem is making me crazy:
> > > > Sometimes, without reason, a permited user gets a pop up on screen
> > > > asking the password... but if him only push ESC, without pass any
> login
> > > > or password, continue browsing perfectly... and after
> sometime the pop
> > > > up back again...
> > > > Do you know what can causing that? Any kind of parameter, password
> > > > expiration,configuration mistake, bug ... ????
> > > > .
> > > > Thanks.
> > > > --
> > > > Igor Luiz Oliveira de Souza
> > > > Magiclink Solucoes Internet
> > > > Analista de TI
> > > > Salvador / BA - Brasil
> > >
> >
> >
> >
> >
Privileged/Confidential Information may be contained in this message. If
you are not the addressee (or responsible for delivery of the message to
the addressee), you may not copy or deliver this message to anyone. In such
a case, you should destroy this message and kindly notify the sender by
reply e-mail. Opinions, conclusions and other information in this message
that do not relate to the official business of my employer shall be
understood as neither given nor endorsed by it.
Received on Tue Apr 08 2003 - 18:24:25 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:52 MST