Re: AW: [squid-users] SQUID NTLM pop up password

From: Alexander Kiselev <akiselev@dont-contact.us>
Date: Mon, 14 Apr 2003 16:52:39 +0400

Igor,

I believe I found the solution.

Try to specify the users in auth ACL both in uppercase and lowercase
letters, i.e.:
acl AuthUsers proxy_auth domain\user1 DOMAIN\USER1 domain\user2 DOMAIN\USER2
http_access allow AuthUsers

I made this change and my users didn't got any password promts during last
several days.

--
Cheers,
Alex
----- Original Message -----
From: "Igor Luiz Oliveira de Souza" <igorluiz@magiclink.com.br>
To: "George Dominguez" <GDominguez@mteliza.com.au>
Cc: <squid-users@squid-cache.org>
Sent: Wednesday, April 09, 2003 5:27 PM
Subject: RE: AW: [squid-users] SQUID NTLM pop up password
> George,
>
> I was really expecting that your tip could help me.
> I increased the number from 5 to 27.
> BUT after that, the problem still remain! :-(((((
> Any other tip??? Anyone more can help!?
> I loose my mind trying to solve this! :-(((
>
> Igor.
>
> Em Ter, 2003-04-08 ās 21:25, George Dominguez escreveu:
> >
> > I was having this problem and by "gradually" augmenting the
authenticators
> > from the default of 5  the problem has disappear.
> >
> > I gradully increased the number of auth from 5 to 25. If I hear someone
was
> > promt for password, I get them to log out and to login again, then I
would
> > increase the number from say 25 to 27...
> >
> > auth_param ntlm children 25
> >
> > I hope this helps?
> >
> > Regards
> > George
> >
> >
> >
> >
> >
> >
> >
> >                       "Simon Bryan"
> >                       <sbryan@olmc.nsw.        To:       "Alexander
Kiselev" <akiselev@mow-co.ru.dhl.com>,
> >                       edu.au>                   "Igor Luiz Oliveira de
Souza" <igorluiz@magiclink.com.br>
> >                                                cc:
<squid-users@squid-cache.org>
> >                       08/04/2003 03:57         Subject:  RE: AW:
[squid-users] SQUID NTLM pop up password
> >                       PM
> >                       Please respond to
> >                       sbryan
> >
> >
> >
> >
> >
> >
> > Could this be an authenticate ttl problem?
> >
> > > -----Original Message-----
> > > From: Alexander Kiselev [mailto:akiselev@mow-co.ru.dhl.com]
> > > Sent: Tue, 8. April 2003 3:25 PM
> > > To: Igor Luiz Oliveira de Souza; Henrik Nordstrom
> > > Cc: squid-users@squid-cache.org
> > > Subject: Re: AW: [squid-users] SQUID NTLM pop up password
> > >
> > >
> > > Hi Igor & Henrik,
> > >
> > > I'm using winbind (wbntml_auth) and have the same problem.
> > > Moreover, i run winbind daemon in debug level with "-d" option and
found
> > > that when the user got pop up password prompt in IExplorer, i've got
the
> > > following error message in cache.log:
> > >
> > > (wb_ntlmauth)[26270](wb_ntlm_auth.c:246): winbindd result: 0
> > > (wb_ntlmauth)[26270](wb_ntlm_auth.c:66): sending 'AF cis\mmeshik' to
> > squid
> > > (wb_ntlmauth)[26277](wb_ntlm_auth.c:246): winbindd result: 1
> > > (wb_ntlmauth)[26277](wb_ntlm_auth.c:60): sending 'NA CIS\MMESHIK auth
> > > failure because: Authentication Failure (NT_STATUS_WRONG_PASSWORD)'
> > >
> > > BUT user didn't specified its password ...
> > >
> > > --
> > > Cheers,
> > > Alex
> > >
> > >
> > > ----- Original Message -----
> > > From: "Igor Luiz Oliveira de Souza" <igorluiz@magiclink.com.br>
> > > To: "Henrik Nordstrom" <hno@squid-cache.org>
> > > Cc: <squid-users@squid-cache.org>
> > > Sent: Tuesday, April 08, 2003 1:52 AM
> > > Subject: Re: AW: [squid-users] SQUID NTLM pop up password
> > >
> > >
> > > > I'm using SMB (ntlm_auth).
> > > >
> > > > Regards,
> > > >
> > > > Igor Souza
> > > >
> > > > Em Seg, 2003-04-07 ās 18:30, Henrik Nordstrom escreveu:
> > > > > Which ntlm helper are you using?
> > > > >
> > > > > SMB (ntlm_auth) or winbind (wbntml_auth)?
> > > > >
> > > > > Regards
> > > > > Henrik
> > > > >
> > > > >
> > > > >
> > > > > Mrvka Andreas wrote:
> > > > > >
> > > > > > hi!
> > > > > >
> > > > > > i have the same problem, and here i've been told that the
> > > > > > client makes some ntlm handshake with the nt domain
> > > > > > and sometimes during this transaction the browser looses
> > > > > > sometimes a session paket. or talking between these 2 pcs
> > > was too slow
> > > > > > or something like that.
> > > > > >
> > > > > > in my company i say, this is a security feature :o)
> > > > > >
> > > > > > king regards,
> > > > > > Andreas
> > > > > >
> > > > > > -----Ursprüngliche Nachricht-----
> > > > > > Von: Igor Luiz Oliveira de Souza
[mailto:igorluiz@magiclink.com.br]
> > > > > > Gesendet: Montag, 07. April 2003 18:51
> > > > > > An: squid-users@squid-cache.org
> > > > > > Betreff: [squid-users] SQUID NTLM pop up password
> > > > > >
> > > > > > Hello all,
> > > > > >
> > > > > > I just installed Squid 2.5stable2 using NTLM Auth. (Linux
Slackware
> > > 8.1,
> > > > > > kernel 2.4.18, Samba 2.2.8)
> > > > > > The authentication is working fine, I'm making control of
> > > users group
> > > > > > that can login, etc...
> > > > > > But one problem is making me crazy:
> > > > > > Sometimes, without reason, a permited user gets a pop up on
screen
> > > > > > asking the password... but if him only push ESC, without pass
any
> > > login
> > > > > > or password, continue browsing perfectly... and after
> > > sometime the pop
> > > > > > up back again...
> > > > > > Do you know what can causing that? Any kind of parameter,
password
> > > > > > expiration,configuration mistake, bug ... ????
> > > > > > .
> > > > > > Thanks.
> > > > > > --
> > > > > > Igor Luiz Oliveira de Souza
> > > > > > Magiclink Solucoes Internet
> > > > > > Analista de TI
> > > > > > Salvador / BA   -  Brasil
> > > > >
> > > >
> > > >
> > > >
> > > >
> >
> >
> >
> >
> >
> > =====================================================
> > Privileged/Confidential Information may be contained in this message. If
> > you are not the addressee (or responsible for delivery of the message to
> > the addressee), you may not copy or deliver this message to anyone. In
such
> > a case, you should destroy this message and kindly notify the sender by
> > reply e-mail. Opinions, conclusions and other information in this
message
> > that do not relate to the official business of my employer shall be
> > understood as neither given nor endorsed by it.
> >
> >
>
>
>
>
Received on Mon Apr 14 2003 - 07:07:44 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:58 MST