Re: [squid-users] Re: squid kerberos authenticators spamming AD and locking out users

From: Brett Lymn <brett.lymn_at_baesystems.com>
Date: Fri, 22 Feb 2013 11:16:48 +1030

On Fri, Feb 22, 2013 at 01:18:53PM +1300, Amos Jeffries wrote:
>
> What happens if you leave Squid running but terminate the TCP
> connections open between Squid and the AD server?
>

We have not tried doing that, I will give it a try if I get a chance.

> Or just the TCP connections client<->Squid for the one user who is looping?
>

The client does not need to be connected to squid after the problem has
started up. We have had an instance where a user had shutdown their
workstation and gone home but the errors were still occurring. It seems
once the authenticator has started doing this it continues until we
restart it.

-- 
Brett Lymn
"Warning:
The information contained in this email and any attached files is
confidential to BAE Systems Australia. If you are not the intended
recipient, any use, disclosure or copying of this email or any
attachments is expressly prohibited.  If you have received this email
in error, please notify us immediately. VIRUS: Every care has been
taken to ensure this email and its attachments are virus free,
however, any loss or damage incurred in using this email is not the
sender's responsibility.  It is your responsibility to ensure virus
checks are completed before installing any data sent in this email to
your computer."
Received on Fri Feb 22 2013 - 00:46:58 MST

This archive was generated by hypermail 2.2.0 : Fri Feb 22 2013 - 12:00:04 MST