[squid-users] Behaviour change in ntlm authentication - please help again !!

From: Carlos Zottmann <zottmann@dont-contact.us>
Date: Wed, 15 Jun 2005 17:38:44 -0300

Hi !!

I have posted this message yesterday, but, as I received no answer, I am trying
again. As the problem is really bad here, I would kindly ask the list members to
tell me any experiences regarding this issue, like ways to set up squid (or samba)
to use ntlm v1 or ntlm v2.

Thanks again,
Carlos.

We are facing a strange behaviour change in ntlm authentication, that is
causing Squid to slow down on peak hours.

Previously, the browsers would try to get a web page through squid, and they
received one 407 error, sent an authentication package that successfully
authenticated the client, and then received the requested web page.

Now, the browsers are getting one 407 error, sending an authentication
package, getting another 407 error, sending a different authenticatino
package, and then they are successfully authenticated. It seems to me that
Squid is asking for ntlm v2, and was asking for ntlm v1 before. The domain
policy for this is "Send LM & NTLM - Use NTLMv2 session security if
negotiated".

Observing the "NTLM User Authentication Stats" in Cachemgr.cgi, we see that,
in random times of the day, the ntlm helpers begin entering in the "R"
state, and when all of them are in this state, than squid restarts itself,
sometimes returning to normal operation, and sometimes repeating this
process.

Given this scenario, I would like to know if anyone has already been through
this, and could point me some directions, or how can I debug it to get to
know what´s happening.

I would also like to ask for a detailed description of the possible ntlm
helper stats, shown in cachemgr.cgi.

We are using Squid-2.5 Stable9 and Samba 3.0.10-1

Thanks in Advance,
Carlos.
Received on Wed Jun 15 2005 - 14:38:49 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Jul 01 2005 - 12:00:02 MDT