Search squid archive

Re: RE: Error with ntlm authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Delgado Contreras wrote:
Hi,

Yes, but why I have an error 1000 in proxy Event Viewer ever time I try to open a web page?


Hmm, this site appears to have even more useful info than MS provide.
http://www.eventid.net/

enter ID 1000 and the Src info from the event into the site search boxes.

Amos


Verónica
-----Mensaje original-----
De: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] Enviado el: miércoles, 13 de mayo de 2009 14:24
Para: "Delgado Contreras"; Delgado Contreras, Verónica
CC: Guido Serassio; squid-users@xxxxxxxxxxxxxxx
Asunto: Re:  RE: Error with ntlm authentication

Delgado Contreras wrote:
Hi,

I have solved the Error 1054.Buy I also have this error.

Type: Error
User: N/A
Source: Application Error
Category: (100)
EventID: 1000

Description:

Faulting application mswin_ntlm_auth.exe, version 0.0.0.0, faulting module msvcrt.dll, version 7.0.3790.3959, fault address 0x00037e23.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.



This is my configuration in squid.conf:

auth_param ntlm program c:/squid/libexec/mswin_ntlm_auth.exe -d
auth_param ntlm children 50
auth_param basic program c:/squid/libexec/mswin_ntlm_auth.exe -d
auth_param basic children 50
auth_param basic keep_alive on
auth_param ntlm keep_alive on
auth_param negotiate keep_alive on

auth_param basic credentialsttl 5 minutes

external_acl_type AD_global_group %LOGIN c:/squid/libexec/mswin_check_ad_group.exe -D cajadeburgos.des -G -d

acl GProxyUsers external AD_global_group c:/squid/etc/DomainUsers
acl dstcomun dstdomain "C:/squid/etc/comun.acl"
acl ntlm-users proxy_auth REQUIRED
http_access allow ntlm-users GProxyUsers


When a user open the first time a web page in a Browser, the user and domain are send and the proxy allow the web, but the next times the user and domain aren't send and the proxy don´t allow the web and in the event Viwer Aplication sow the EventID 1000.

It can see in the file access.log

1242042166.237    782 172.24.4.123 TCP_MISS/302 612 GET http://go.microsoft.com/fwlink/? dodes\administrator DIRECT/64.4.52.189 text/html
1242042166.831    593 172.24.4.123 TCP_MISS/403 1010 GET http://runonce.msn.com/runonce3.aspx dodes\administrator DIRECT/213.199.181.20 text/html
1242042177.426      0 172.24.4.123 TCP_DENIED/407 1782 GET http://www.google.es/ - NONE/- text/html


This is correct behavior of Squid.

407 is request for missing credentials which have not been sent by the browser software. Expect it to be followed by an almost identical repeat request which succeeds.

This document may be of some help figuring out what is going on:
http://wiki.squid-cache.org/KnowledgeBase/NTLMAuthGoryDetails


Amos

-----Mensaje original-----
De: Guido Serassio [mailto:guido.serassio@xxxxxxxxxxxxxxxxx] Enviado el: martes, 12 de mayo de 2009 19:46
Para: Delgado Contreras, Verónica; squid-users@xxxxxxxxxxxxxxx
Asunto: R:  RE: Error with ntlm authentication

Hi,

The errors that you can see in the event log of your machine are not related to Squid, but are the symptom of some malfunction in the acces to AD from the machine itself.
So likely any ntlm problem could be related.

But, what is the helpers command line in squid.conf ?

Regards
Guido Serassio

Acme Consulting S.r.l. - Microsoft Certified Partner
Via Lucia Savarino, 1                10098 - Rivoli (TO) - ITALY
Tel. : +39.011.9530135               Fax. : +39.011.9781115
Email: info@xxxxxxxxxxxxxxxxx
WWW: http://www.acmeconsulting.it/

-----Messaggio originale-----
Da: Delgado Contreras, Verónica [mailto:vdelgado@xxxxxxxxxxxxxxx]
Inviato: martedì 12 maggio 2009 8.20
A: squid-users@xxxxxxxxxxxxxxx
Oggetto:  RE: Error with ntlm authentication


Hello,

I´m testing Squid 3 for Windows. I try to configure squid with ntlm
authentication but I have a error in event viewer-Application.

Type: Error
User: NT AUTHORITY\SYSTEM
Computer: LOBO
Source: Userenv
Category: None
Event ID: 1054
Description:
Windows cannot obtain the domain controller name for your computer network.
(An unexpected network error occurred. ). Group Policy processing aborted.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.




And  the “cache .log” show this:



ntlm-auth[2828](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
build Mar  6 2009, 23:32:18 starting up...
ntlm-auth[2828](ntlm_auth.c:391): SSPI initialized OK
ntlm-auth[796](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
build Mar  6 2009, 23:32:18 starting up...
ntlm-auth[796](ntlm_auth.c:391): SSPI initialized OK
ntlm-auth[5620](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
build Mar  6 2009, 23:32:18 starting up...
ntlm-auth[5620](ntlm_auth.c:391): SSPI initialized OK
ntlm-auth[2864](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
build Mar  6 2009, 23:32:18 starting up...
ntlm-auth[2864](ntlm_auth.c:391): SSPI initialized OK
ntlm-auth[5644](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
build Mar  6 2009, 23:32:18 starting up...
ntlm-auth[5644](ntlm_auth.c:391): SSPI initialized OK
2009/05/11 12:56:47| helperOpenServers: Starting 5
'mswin_check_ad_group.exe' processes
ntlm-auth[3248](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
build Mar  6 2009, 23:32:18 starting up...
ntlm-auth[3248](ntlm_auth.c:391): SSPI initialized OK
ntlm-auth[5980](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
build Mar  6 2009, 23:32:18 starting up...
ntlm-auth[5980](ntlm_auth.c:391): SSPI initialized OK
/mswin_check_ad_group.exe[3012]: Member of Domain DODES

/mswin_check_ad_group.exe[3012]: Into forest cajadeburgos.des

/mswin_check_ad_group.exe[3012]: External ACL win32 group helper build Mar
6 2009, 23:48:40 starting up...

/mswin_check_ad_group.exe[3012]: Domain Global group mode enabled using
'cajadeburgos.de' as default domain.

ntlm-auth[5664](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
build Mar  6 2009, 23:32:18 starting up...
ntlm-auth[5664](ntlm_auth.c:391): SSPI initialized OK
/mswin_check_ad_group.exe[1160]: Member of Domain DODES

/mswin_check_ad_group.exe[1160]: Into forest cajadeburgos.des

/mswin_check_ad_group.exe[1160]: External ACL win32 group helper build Mar
6 2009, 23:48:40 starting up...

/mswin_check_ad_group.exe[1160]: Domain Global group mode enabled using
'cajadeburgos.de' as default domain.

/mswin_check_ad_group.exe[3268]: Member of Domain DODES

/mswin_check_ad_group.exe[3268]: Into forest cajadeburgos.des

/mswin_check_ad_group.exe[3268]: External ACL win32 group helper build Mar
6 2009, 23:48:40 starting up...

/mswin_check_ad_group.exe[3268]: Domain Global group mode enabled using
'cajadeburgos.de' as default domain.

/mswin_check_ad_group.exe[5656]: Member of Domain DODES

/mswin_check_ad_group.exe[5656]: Into forest cajadeburgos.des

/mswin_check_ad_group.exe[5656]: External ACL win32 group helper build Mar
6 2009, 23:48:40 starting up...

/mswin_check_ad_group.exe[5656]: Domain Global group mode enabled using
'cajadeburgos.de' as default domain.

2009/05/11 12:56:47| User-Agent logging is disabled.
2009/05/11 12:56:47| Referer logging is disabled.
/mswin_check_ad_group.exe[3016]: Member of Domain DODES

/mswin_check_ad_group.exe[3016]: Into forest cajadeburgos.des

/mswin_check_ad_group.exe[3016]: External ACL win32 group helper build Mar
6 2009, 23:48:40 starting up...

/mswin_check_ad_group.exe[3016]: Domain Global group mode enabled using
'cajadeburgos.de' as default domain.

2009/05/11 12:56:47| Unlinkd pipe opened on FD 428
2009/05/11 12:56:47| Local cache digest enabled; rebuild/rewrite every
3600/3600 sec
2009/05/11 12:56:47| Swap maxSize 1024000 KB, estimated 78769 objects
2009/05/11 12:56:47| Target number of buckets: 3938
2009/05/11 12:56:47| Using 8192 Store buckets
2009/05/11 12:56:47| Max Mem  size: 8192 KB
2009/05/11 12:56:47| Max Swap size: 1024000 KB
2009/05/11 12:56:48| Version 1 of swap file with LFS support detected...
2009/05/11 12:56:48| Rebuilding storage in c:/squid/var/cache (CLEAN)
2009/05/11 12:56:48| Using Least Load store dir selection
2009/05/11 12:56:48| Set Current Directory to c:/squid/var/cache
2009/05/11 12:56:48| Loaded Icons.
2009/05/11 12:56:48| Accepting  HTTP connections at 172.25.49.11, port 80,
FD 434.
2009/05/11 12:56:48| HTCP Disabled.
2009/05/11 12:56:48| Ready to serve requests.
2009/05/11 12:56:48| Done reading c:/squid/var/cache swaplog (951 entries)
2009/05/11 12:56:48| Finished rebuilding storage from disk.
2009/05/11 12:56:48|       951 Entries scanned
2009/05/11 12:56:48|         0 Invalid entries.
2009/05/11 12:56:48|         0 With invalid flags.
2009/05/11 12:56:48|       951 Objects loaded.
2009/05/11 12:56:48|         0 Objects expired.
2009/05/11 12:56:48|         0 Objects cancelled.
2009/05/11 12:56:48|         0 Duplicate URLs purged.
2009/05/11 12:56:48|         0 Swapfile clashes avoided.
2009/05/11 12:56:48|   Took 0.34 seconds (2766.19 objects/sec).
2009/05/11 12:56:48| Beginning Validation Procedure
2009/05/11 12:56:48|   Completed Validation Procedure
2009/05/11 12:56:48|   Validated 1927 Entries
2009/05/11 12:56:48|   store_swap_size = 8024
2009/05/11 12:56:49| storeLateRelease: released 0 objects
ntlm-auth[3376](ntlm_auth.c:227): Got 'YR
TlRMTVNTUAABAAAAB7IIogUABQA3AAAADwAPACgAAAAFASgKAAAAD1czMDY0U0lTVEVNNDEyM0
RPREVT' from Squid
ntlm-auth[3376](ntlm_auth.c:183): attempting SSPI challenge retrieval
ntlm-auth[3376](ntlm_auth.c:186): Got it
ntlm-auth[3376](ntlm_auth.c:266): sending 'TT
TlRMTVNTUAACAAAACgAKADgAAAAFgomiDSA9TjNm89EAAAAAAAAAAJQAlABCAAAABQLODgAAAA
9EAE8ARABFAFMAAgAKAEQATwBEAEUAUwABAAgATABPAEIATwAEACAAYwBhAGoAYQBkAGUAYgB1
AHIAZwBvAHMALgBkAGUAcwADACoATABPAEIATwAuAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC
4AZABlAHMABQAgAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC4AZABlAHMAAAAAAA==' to
squid
ntlm-auth[3376](ntlm_auth.c:227): Got 'KK
TlRMTVNTUAADAAAAGAAYAIoAAAAYABgAogAAAAoACgBIAAAAGgAaAFIAAAAeAB4AbAAAAAAAAA
C6AAAABYKIogUBKAoAAAAPRABPAEQARQBTAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAVwAz
ADAANgA0AFMASQBTAFQARQBNADQAMQAyADMAMpWZ5BGDLckAAAAAAAAAAAAAAAAAAAAA11H7te
bZ4CuRk+g95Dm0zM6uiw9ortI2' from Squid
ntlm-auth[3376](libntlmssp.c:269): checking domaicn: 'DODES', user:
'Administrator'
/mswin_check_ad_group.exe[3012]: Got 'dodes%5Cadministrator
c:/squid/etc/DomainUsers' from Squid (length: 46).

/mswin_check_ad_group.exe[3012]: Valid_Global_Groups: checking group
membership of 'dodes\administrator'.

/mswin_check_ad_group.exe DsGetDcName() failed.'
ntlm-auth[5888](ntlm_auth.c:227): Got 'YR
TlRMTVNTUAABAAAAB7IIogUABQA3AAAADwAPACgAAAAFASgKAAAAD1czMDY0U0lTVEVNNDEyM0
RPREVT' from Squid
ntlm-auth[5888](ntlm_auth.c:183): attempting SSPI challenge retrieval
ntlm-auth[5888](ntlm_auth.c:186): Got it
ntlm-auth[5888](ntlm_auth.c:266): sending 'TT
TlRMTVNTUAACAAAACgAKADgAAAAFgomiKm9ZWYx42iUAAAAAAAAAAJQAlABCAAAABQLODgAAAA
9EAE8ARABFAFMAAgAKAEQATwBEAEUAUwABAAgATABPAEIATwAEACAAYwBhAGoAYQBkAGUAYgB1
AHIAZwBvAHMALgBkAGUAcwADACoATABPAEIATwAuAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC
4AZABlAHMABQAgAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC4AZABlAHMAAAAAAA==' to
squid
ntlm-auth[5888](ntlm_auth.c:227): Got 'KK
TlRMTVNTUAADAAAAGAAYAIoAAAAYABgAogAAAAoACgBIAAAAGgAaAFIAAAAeAB4AbAAAAAAAAA
C6AAAABYKIogUBKAoAAAAPRABPAEQARQBTAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAVwAz
ADAANgA0AFMASQBTAFQARQBNADQAMQAyADMAeSeUuCuU9W8AAAAAAAAAAAAAAAAAAAAAS1A3HJ
C0hQNSHHJkIAWFKfpFuYbbQSY3' from Squid
ntlm-auth[5888](libntlmssp.c:269): checking domain: 'DODES', user:
'Administrator'
ntlm-auth[1488](ntlm_auth.c:227): Got 'YR
TlRMTVNTUAABAAAAB7IIogUABQA3AAAADwAPACgAAAAFASgKAAAAD1czMDY0U0lTVEVNNDEyM0
RPREVT' from Squid
ntlm-auth[1488](ntlm_auth.c:183): attempting SSPI challenge retrieval
ntlm-auth[1488](ntlm_auth.c:186): Got it
ntlm-auth[1488](ntlm_auth.c:266): sending 'TT
TlRMTVNTUAACAAAACgAKADgAAAAFgomieoupMy56RPkAAAAAAAAAAJQAlABCAAAABQLODgAAAA
9EAE8ARABFAFMAAgAKAEQATwBEAEUAUwABAAgATABPAEIATwAEACAAYwBhAGoAYQBkAGUAYgB1
AHIAZwBvAHMALgBkAGUAcwADACoATABPAEIATwAuAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC
4AZABlAHMABQAgAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC4AZABlAHMAAAAAAA==' to
squid
ntlm-auth[1488](ntlm_auth.c:227): Got 'KK
TlRMTVNTUAADAAAAGAAYAIoAAAAYABgAogAAAAoACgBIAAAAGgAaAFIAAAAeAB4AbAAAAAAAAA
C6AAAABYKIogUBKAoAAAAPRABPAEQARQBTAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAVwAz
ADAANgA0AFMASQBTAFQARQBNADQAMQAyADMA1ZT+19V97OkAAAAAAAAAAAAAAAAAAAAA8Blnof
qUp9IgkhbtwIrMXehHu2rY9CmE' from Squid
ntlm-auth[1488](libntlmssp.c:269): checking domain: 'DODES', user:
'Administrator'
ntlm-auth[2968](ntlm_auth.c:227): Got 'YR
TlRMTVNTUAABAAAAB7IIogUABQA3AAAADwAPACgAAAAFASgKAAAAD1czMDY0U0lTVEVNNDEyM0
RPREVT' from Squid
ntlm-auth[2968](ntlm_auth.c:183): attempting SSPI challenge retrieval
ntlm-auth[2968](ntlm_auth.c:186): Got it
ntlm-auth[2968](ntlm_auth.c:266): sending 'TT
TlRMTVNTUAACAAAACgAKADgAAAAFgomiUIsf25S7gqMAAAAAAAAAAJQAlABCAAAABQLODgAAAA
9EAE8ARABFAFMAAgAKAEQATwBEAEUAUwABAAgATABPAEIATwAEACAAYwBhAGoAYQBkAGUAYgB1
AHIAZwBvAHMALgBkAGUAcwADACoATABPAEIATwAuAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC
4AZABlAHMABQAgAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC4AZABlAHMAAAAAAA==' to
squid
ntlm-auth[2968](ntlm_auth.c:227): Got 'KK
TlRMTVNTUAADAAAAGAAYAIoAAAAYABgAogAAAAoACgBIAAAAGgAaAFIAAAAeAB4AbAAAAAAAAA
C6AAAABYKIogUBKAoAAAAPRABPAEQARQBTAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAVwAz
ADAANgA0AFMASQBTAFQARQBNADQAMQAyADMAbyG+h4SorQUAAAAAAAAAAAAAAAAAAAAAd77QUF
RWePBef5FF6BB6B9Zglk4maUIg' from Squid
ntlm-auth[2968](libntlmssp.c:269): checking domain: 'DODES', user:
'Administrator'
ntlm-auth[4072](ntlm_auth.c:227): Got 'YR
TlRMTVNTUAABAAAAB7IIogUABQA3AAAADwAPACgAAAAFASgKAAAAD1czMDY0U0lTVEVNNDEyM0
RPREVT' from Squid
ntlm-auth[4072](ntlm_auth.c:183): attempting SSPI challenge retrieval
ntlm-auth[4072](ntlm_auth.c:186): Got it








What can be the problem?.

Thanks.


Verónica Delgado
Depto. Sistemas
CAJA DE BURGOS
C: 947 258 495
: vdelgado@xxxxxxxxxxxxxxx





--
Please be using
  Current Stable Squid 2.7.STABLE6 or 3.0.STABLE15
  Current Beta Squid 3.1.0.7

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux