Hi,
I'm trying to get the squid helper squid_kerb_auth to work against our
Active Directory (win 2003 sp2).
I've compiled the latest squid version (squid-2.7.STABLE7)on CentOS 5.4
64 bit.
Squid Cache: Version 2.7.STABLE7
configure options: '--prefix=/usr/local/squid' '--disable-wccp'
'--disable-wccpv2' '--enable-large-cache-files' '--with-large-files'
'--enable-delay-pools' '--enable-cachemgr-hostname' '=fqdn'
'--enable-ntlm-auth-helpers=SMB' '--enable-auth=basic,ntlm,negotiate'
'--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-snmp'
A keytab file was create on AD for squid
(HTTP/squid.domain_at_REALM.KERBEROS)
ktpass -princ HTTP/fqdn_at_REALM -mapuser squiduser
-pass password -out HTTP.keytab
Transferred the file on the CentOS server and placed it
in /etc/squid/HTTP.keytab
kinit -k -t /etc/squid/squid.keytab HTTP/fqdn_at_REALM.KERBEROS
I get the error message:
kinit(v5): Client not found in Kerberos database while getting initial
credentials
I've also tried creating the keytab file using
msktutil or samba according to the following doc:
http://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos
I get the same error.
How do I sort out this problem?
Thanks in advance.
Regards
Umesh
Received on Tue Jan 12 2010 - 15:41:34 MST
This archive was generated by hypermail 2.2.0 : Wed Jan 13 2010 - 12:00:03 MST