[squid-users] Re: Fighting with kerberos: WARNING: received type 1 NTLM token

From: Markus Moeller <huaraz_at_moeller.plus.com>
Date: Thu, 3 Jan 2013 00:09:47 -0000

Hi David,

  Can you get a ticket for HTTP/<squid-fqdn> ? Do you use IE or Firefox or
?

Markus

"David Touzeau" <david_at_articatech.com> wrote in message
news:21ACFB9BE8E34C7DBA0FA2F2D0B329BB_at_fr.kaspersky.com...
> Dear
>
> I have connected the server to the Active Directory, get tickets and so
> on.
> Clients are Windows 8 connected to the domain.
>
> in squid.conf:
> auth_param negotiate program /lib/squid3/negotiate_kerberos_auth -d
> auth_param negotiate children 10
> auth_param negotiate keep_alive on
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 2 hour
> authenticate_ip_ttl 60 seconds
> authenticate_cache_garbage_interval 10 seconds
> authenticate_ttl 0 hour
>
>
> When browsing, Squid claim
>
> negotiate_kerberos_auth.cc(389): pid=30208 :2013/01/03 00:10:39|
> negotiate_kerberos_auth: WARNING: received type 1 NTLM token
> 2013/01/03 00:10:39 kid1| ERROR: Negotiate Authentication validating user.
> Error returned 'BH received type 1 NTLM token'
> negotiate_kerberos_auth.cc(316): pid=30208 :2013/01/03 00:10:43|
> negotiate_kerberos_auth: DEBUG: Got 'YR
> TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAvAjAAAADw==' from squid
> (length: 59).
> negotiate_kerberos_auth.cc(379): pid=30208 :2013/01/03 00:10:43|
> negotiate_kerberos_auth: DEBUG: Decode
> 'TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAvAjAAAADw==' (decoded
> length: 40).
> negotiate_kerberos_auth.cc(389): pid=30208 :2013/01/03 00:10:43|
> negotiate_kerberos_auth: WARNING: received type 1 NTLM token
> 2013/01/03 00:10:43 kid1| ERROR: Negotiate Authentication validating user.
> Error returned 'BH received type 1 NTLM token'
> negotiate_kerberos_auth.cc(316): pid=30208 :2013/01/03 00:10:48|
> negotiate_kerberos_auth: DEBUG: Got 'YR
> TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAvAjAAAADw==' from squid
> (length: 59).
> negotiate_kerberos_auth.cc(379): pid=30208 :2013/01/03 00:10:48|
> negotiate_kerberos_auth: DEBUG: Decode
> 'TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAvAjAAAADw==' (decoded
> length: 40).
> negotiate_kerberos_auth.cc(389): pid=30208 :2013/01/03 00:10:48|
> negotiate_kerberos_auth: WARNING: received type 1 NTLM token
> 2013/01/03 00:10:48 kid1| ERROR: Negotiate Authentication validating user.
> Error returned 'BH received type 1 NTLM token'
>
> Why, where i’m miss ???
>
> best regards...
>
>
>
>
Received on Thu Jan 03 2013 - 00:10:06 MST

This archive was generated by hypermail 2.2.0 : Thu Jan 03 2013 - 12:00:04 MST