Hi All, I have been struggling to configure cachemgr.cgi on my squid(2.5STABLE 10) server. It works fine if I disable NTLM authentication.If I enable NTLM authentication I am not able to access thecachemgr.cgi web page. It says access denied. Then I did a diff onsquid.auth.conf file (NTLM enabled config) and squid.noauth.conf (NTLMdisabled config). I am not able to figure which ACL is denying meaccess when I try to access the cachemgr.cgi web page: diff squid.auth.conf squid.noauth.conf < #cache_peer 172.161.195 parent 3128 0 weight=15 no-digest proxy-only< #cache_peer 172.161.67 parent 3128 0 weight=10 no-digest proxy-only446d443< no_cache deny ifrmarkets448a446> no_cache deny ifrmarkets485a484> #cache_mem 256 MB682a682> #cache_dir ufs /var/squid/cache 5120 16 2561191c1191< auth_param basic children 50---> auth_param basic children 501296,1297c1296< #external_acl_type wbinfo_group_helper ttl=900 children=125 %LOGIN/usr/local/squid/libexec/wbinfo_group.pl< external_acl_type wbinfo_group_helper ttl=900 children=125 %LOGIN/opt/squid/libexec/wbinfo_group.pl---> external_acl_type wbinfo_group_helper ttl=900 children=125 %LOGIN /usr/local/squid/libexec/wbinfo_group.pl1711,1713d1709< acl deny_web_group external wbinfo_group_helper restricted1< http_access deny deny_web_group<1730d1725< acl Safe_ports port 20001 # TBGW1732a1728> acl Safe_ports port 20001 # TBGW server1743,1744c1739< # NOT< # on default values:---> # NOTE on default values:1764,1765c1759,1760< acl ausv-00002 src 172.16.11.150/255.255.255.255< acl CMGR src 172.16.0.0/255.255.0.0---> acl ausv-00002 src 172.16.11.150/32> acl CMGR src 172.16.0.0/161767d1761< http_access deny manager !localhost !ausv-00002 !CMGR !ausv-000011768a1763,1767> http_access allow manager localhost> http_access allow manager ausv-00001> http_access allow manager ausv-00002> http_access allow manager CMGR> http_access deny manager1769a1769>1774,1780d1773<<< http_access allow localhost< http_access allow ausv-00001< http_access allow ausv-00002< http_access allow CMGR<1792c1785< acl NOAUTH src 172.16.69.14/32 172.16.70.204/32 172.16.78.20/32172.16.78.37/32 172.16.78.39/32 172.16.100.68/32 172.16.70.64/32172.16.117.192/32 172.16.11.150/32 10.185.234.13/32---> acl NOAUTH src 172.16.69.14/32 172.16.70.204/32 172.16.78.20/32 172.16.78.37/32 172.16.78.39/32 172.16.100.68/321835d1827< acl jesse src 172.16.117.192/321880a1873,1875> acl NetOMS-ip5 dst 66.227.81.53/32> acl NetOMS-ip6 dst 66.227.81.51/32> acl NetOMS-ip7 dst 66.227.81.52/321888d1882< #acl CAAML dst 62.17.163.240/32< http_access allow ECI< http_access allow APH1904,1906d1892< #http_access allow CAAML< http_access allow jesse< http_access allow TBGW1919a1906> ########### JVM NTLM ISSUE RECTIFICATION1920a1908,1909> acl java_jvm browser Java/1.4> http_access allow java_jvm1936a1926,1928> http_access allow NetOMS-ip5> http_access allow NetOMS-ip6> http_access allow NetOMS-ip71943a1936> http_access allow AME-31954c1947,1948<---> http_access allow TBGW>1959a1954>1968d1962< http_access allow Internet1974,1975c1968,1969< acl msnoverhttp url_regex -i "/opt/squid/etc/msnoverhttp.txt"< http_access deny mimeblockq---> acl msnoverhttp url_regex -i "/opt/squid/etc/msnoverhttp.txt"> http_access deny mimeblockq1995,1997c1989,1991< http_access allow Allowed-ABC-AU< http_access allow Allowed-ABC-NZ< http_access allow au-company AuthorisedUsers---> #http_access allow Allowed-ABC-AU> #http_access allow Allowed-ABC-NZ> #http_access allow au-company AuthorisedUsers1999c1993< #http_access allow au-company---> http_access allow au-company< #http_access allow localhost---> http_access allow localhost2016c2010< http_access deny all---> http_access deny All2050,2052c2044< icp_access allow CMGR< icp_access deny all< #icp_access deny all---> # icp_access deny all2206d2197< cache_mgr ap.it.helpdesk@xxxxxxxxxxxxxx Any help would be really appreciated.
