Is there any possibility of getting some funding for this work? Its not for me: I don't know much about the NT code at all. But I'm sure there's a squid developer or two there who is willing to sort through all of the niggling NTLM authentication problems. Adrian On Sun, Jun 18, 2006, Scott Jarkoff wrote: > I would truly love to say otherwise, however I have been unable to > reconcile this problem once and for all. While the popups do not > appear to be as frequent as they used to be, after a minor > modification to my smb.conf file, they are still present. Because of > this I am unable to get Squid deployed throughout our enterprise. > > > scott > > > On 6/16/06, Ngo, Toan <tngo@xxxxxxxxxx> wrote: > >Are there any more suggestions on the random auth prompts? > > > >Thanks. > > > >-----Original Message----- > >From: Ngo, Toan > >Sent: Monday, June 05, 2006 9:09 AM > >To: Guido Serassio; Visolve squid; Scott Jarkoff > >Cc: squid-users@xxxxxxxxxxxxxxx > >Subject: RE: Random authentication popups > > > >SMB.CONF > > > > [global] > > workgroup = DOMAIN > > realm = DOMAIN.COM > > netbios name = PROXY-01 > > > > server string = Proxy Server > > log file = /var/log/samba/%m.log > > security = ads > > password server = dc1.domain.com dc2.domain.com dc3.domain.com > > > > idmap uid = 16777216-33554431 > > idmap gid = 16777216-33554431 > > winbind separator= \\ > > # allow enumeration of winbind users and groups > > winbind enum users = yes > > winbind enum groups = yes > ># winbind use default domain = yes > > template shell = /sbin/nologin > > encrypt passwords = yes > > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > > local master = no > > wins server = x.x.x.x > > dns proxy = no > > > >SQUID.CONF > >auth_param ntlm program /usr/bin/ntlm_auth > >--helper-protocol=squid-2.5-ntlmssp > >auth_param ntlm children 50 > >auth_param ntlm max_challenge_reuses 0 > >auth_param ntlm max_challenge_lifetime 2 minutes > >auth_param ntlm use_ntlm_negotiate on > >auth_param basic program /usr/bin/ntlm_auth > >--helper-protocol=squid-2.5-basic > >auth_param basic children 10 > >auth_param basic realm Squid proxy-caching web server > >auth_param basic credentialsttl 3 minutes > > > >-----Original Message----- > >From: Guido Serassio [mailto:guido.serassio@xxxxxxxxxxxxxxxxx] > >Sent: Saturday, June 03, 2006 2:05 AM > >To: Ngo, Toan; Visolve squid; Scott Jarkoff > >Cc: squid-users@xxxxxxxxxxxxxxx > >Subject: RE: Random authentication popups > > > >Hi, > > > >At 01.34 03/06/2006, Ngo, Toan wrote: > > > >>I get these messages in cache.log. > >> > >>[2006/06/02 16:22:51, 1] libsmb/ntlmssp.c:ntlmssp_update(252) > >> got NTLMSSP command 3, expected 1 > >>[2006/06/02 16:24:30, 1] libsmb/ntlmssp.c:ntlmssp_update(252) > >> got NTLMSSP command 3, expected 1 > >>[2006/06/02 16:25:39, 1] libsmb/ntlmssp.c:ntlmssp_update(252) > >> got NTLMSSP command 1, expected 3 > >>[2006/06/02 16:26:04, 1] libsmb/ntlmssp.c:ntlmssp_update(252) > >> got NTLMSSP command 3, expected 1 > >> > >>Any ideas? Are others seeing the same log messages when the random > >>login prompts? > > > >This is the trace of some out of order NTLM packets, the messages > >come from Samba's ntlm_auth helper. > > > > From your previous message, I can read that you are using Samba > >3.0.14a, 3.0.22 would be better, please do you can post your smb.conf > >and the auth_param section of your squid.conf. > > > >Regards > > > >Guido > > > > > > > >- > >======================================================== > >Guido Serassio > >Acme Consulting S.r.l. - Microsoft Certified Partner > >Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY > >Tel. : +39.011.9530135 Fax. : +39.011.9781115 > >Email: guido.serassio@xxxxxxxxxxxxxxxxx > >WWW: http://www.acmeconsulting.it/ > > > > > > > > > > > > > > > -- > Scott Jarkoff
