[squid-users] Parsing Config File: Unknown authentication scheme 'ntlm'.

From: <daniel.jarboe@dont-contact.us>
Date: Mon, 19 May 2003 11:28:09 -0400

I'm moving a squid 2.5.STABLE2 installation from one server to another,
I installed via a rpm on the new server, then copied the squid.conf
over.

#/usr/sbin/squid -v shows new squid configured with

--prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin
--sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include
--libdir=/usr/lib --libexecdir=/usr/libexec --localstatedir=/var
--sharedstatedir=/usr/com --mandir=/usr/share/man
--infodir=/usr/share/info --exec_prefix=/usr --bindir=/usr/sbin
--libexecdir=/usr/lib/squid --localstatedir=/var --sysconfdir=/etc/squid
--enable-poll --enable-snmp --enable-removal-policies=heap,lru
--enable-storeio=aufs,coss,diskd,ufs --enable-ssl
--with-openssl=/usr/kerberos --enable-delay-pools
--enable-linux-netfilter --with-pthreads --enable-basic-auth-helpers
--enable-ntlm-auth-helpers --enable-external-acl-helpers

service squid status shows: Parsing Config File: Unknown authentication
scheme 'ntlm'.
Any idea why it wouldn't know about ntlm? Am I missing an --enable
something?

The squid.conf is:

http_port 80
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
auth_param ntlm program /usr/lib/squid/wb_ntlmauth
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param basic program /usr/lib/squid/wb_auth
auth_param basic children 5
auth_param basic realm NT_Login
auth_param basic credentialsttl 8 hours
external_acl_type NT_global_group %LOGIN /usr/lib/squid/wbinfo_group.pl
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl password proxy_auth REQUIRED
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl NTauth external NT_global_group InternetHTTP
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
#http_access allow our_networks
http_access allow NTauth
# And finally deny all other access to this proxy
http_access deny all
http_reply_access allow all
cache_effective_user squid
cache_effective_group squid

Thank you for any help,
~ Daniel

-----------------------------------------------------------------------

This message is the property of Time Inc. or its affiliates. It may be
legally privileged and/or confidential and is intended only for the use
of the addressee(s). No addressee should forward, print, copy, or
otherwise reproduce this message in any manner that would allow it to be
viewed by any individual not originally listed as a recipient. If the
reader of this message is not the intended recipient, you are hereby
notified that any unauthorized disclosure, dissemination, distribution,
copying or the taking of any action in reliance on the information
herein is strictly prohibited. If you have received this communication
in error, please immediately notify the sender and delete this message.
Thank you.
Received on Mon May 19 2003 - 09:25:49 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:16:45 MST