Hello, I juste create a new proxy with squid 2.5S11 on solaris 8, I take the same config (exceopt of the name of the server) that the one is running in production on another server. But I get an access denied. here is the cache.log (I don0't know why I got that on log, i didn't ask for any debug or something). 2005/10/04 09:23:11| storeLateRelease: released 0 objects [2005/10/04 09:23:42, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(606) Got user=[B9J] domain=[D-BI1] workstation=[X-VCZMTNSARFNFZ] len1=24 len2=24 [2005/10/04 09:23:42, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319) NTLMSSP Sign/Seal - Initialising with flags: [2005/10/04 09:23:42, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62) Got NTLMSSP neg_flags=0x00000216 here is my config: cache_effective_user squid cache_effective_group nobody http_port 8080 refresh_pattern . 0 20% 4320 refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 visible_hostname squid cache_mem 300 MB # Authentication scheme ## NTLM auth auth_param ntlm program /opt/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 64 auth_param ntlm max_challenge_lifetime 2 minutes auth_param ntlm max_challenge_reuses 0 external_acl_type NT_global_group concurrency=40 %LOGIN /opt/squid/libexec/wbinfo_group.pl external_acl_type NT_group concurrency=30 %LOGIN /opt/squid/libexec/wbinfo_group.pl acl techuser external NT_global_group D-BI1\SurfeursWebCCH-T acl webuserCA external NT_global_group D-BI1\SurfeursWebCCH D-BI1\SurfeursWebCCH-T acl webuserAutre external NT_group D-B1\SurfeursWebBCH DH1\SurfeursWebHCH # ACL config acl SSL_ports port 443 563 22 acl CONNECT method CONNECT acl all src 0.0.0.0/0.0.0.0 acl QUERY urlpath_regex cgi-bin \? acl manager proto cache_object acl auth proxy_auth REQUIRED acl ftp proto ftp acl java_jvm browser Java/1.4 acl to_localhost dst 127.0.0.0/8 acl local dst 10.137.0.0/255.255.0.0 acl localhost src 127.0.0.1/255.255.255.255 acl CI dst 10.0.0.0/255.0.0.0 acl ci-dst dst 10.137.0.0/255.255.0.0 acl ci-src src 10.137.0.0/255.255.0.0 acl AntiVirus1 dstdomain .symantec.com acl AntiVirus2 dstdomain .symantecliveupdate.com # cache directory info cache_dir diskd /cache1 25000 64 256 cache_replacement_policy LFUDA maximum_object_size 20 MB cache_swap_high 80 cache_swap_low 70 # cache log file path cache_store_log none cache_access_log /opt/squid/logs/access.log cache_log /opt/squid/logs/cache.log pid_filename /opt/squid/logs/squid.pid http_reply_access allow all icp_access allow all redirect_children 20 coredump_dir /usr/local/squid/var forwarded_for off hierarchy_stoplist cgi-bin ? ## http access rules http_access allow manager ci-src http_access allow manager localhost http_access deny manager http_access allow java_jvm http_access allow AntiVirus1 http_access allow AntiVirus2 http_access allow ci-src auth webuserCA http_access allow !ci-src auth webuserAutre http_access deny all Any hint on why ? all usual wbinfo test and ntlm_auth are wokring fine. thanks in advance ****************************************************************** DISCLAIMER - E-MAIL ------------------- The information contained in this E-Mail is intended for the named recipient(s). It may contain certain privileged and confidential information, or information which is otherwise protected from disclosure. If you are not the intended recipient, you must not copy,distribute or take any action in reliance on this information ******************************************************************
