Hi, Wrong helper here: > auth_param basic program c:/squid/libexec/mswin_ntlm_auth.exe -d auth_param basic program c:/squid/libexec/mswin_auth.exe Regards Guido Serassio Acme Consulting S.r.l. - Microsoft Certified Partner Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY Tel. : +39.011.9530135 Fax. : +39.011.9781115 Email: info@xxxxxxxxxxxxxxxxx WWW: http://www.acmeconsulting.it/ > -----Messaggio originale----- > Da: Delgado Contreras, Verónica [mailto:vdelgado@xxxxxxxxxxxxxxx] > Inviato: mercoledì 13 maggio 2009 9.11 > A: Guido Serassio; squid-users@xxxxxxxxxxxxxxx > Oggetto: RE: RE: Error with ntlm authentication > > Hi, > > I have solved the Error 1054.Buy I also have this error. > > Type: Error > User: N/A > Source: Application Error > Category: (100) > EventID: 1000 > > Description: > > Faulting application mswin_ntlm_auth.exe, version 0.0.0.0, faulting module > msvcrt.dll, version 7.0.3790.3959, fault address 0x00037e23. > > For more information, see Help and Support Center at > http://go.microsoft.com/fwlink/events.asp. > > > > This is my configuration in squid.conf: > > auth_param ntlm program c:/squid/libexec/mswin_ntlm_auth.exe -d > auth_param ntlm children 50 > auth_param basic program c:/squid/libexec/mswin_ntlm_auth.exe -d > auth_param basic children 50 > auth_param basic keep_alive on > auth_param ntlm keep_alive on > auth_param negotiate keep_alive on > > auth_param basic credentialsttl 5 minutes > > external_acl_type AD_global_group %LOGIN > c:/squid/libexec/mswin_check_ad_group.exe -D cajadeburgos.des -G -d > > acl GProxyUsers external AD_global_group c:/squid/etc/DomainUsers > acl dstcomun dstdomain "C:/squid/etc/comun.acl" > acl ntlm-users proxy_auth REQUIRED > http_access allow ntlm-users GProxyUsers > > > When a user open the first time a web page in a Browser, the user and > domain are send and the proxy allow the web, but the next times the user > and domain aren't send and the proxy don´t allow the web and in the event > Viwer Aplication sow the EventID 1000. > > > It can see in the file access.log > > 1242042166.237 782 172.24.4.123 TCP_MISS/302 612 GET > http://go.microsoft.com/fwlink/? dodes\administrator DIRECT/64.4.52.189 > text/html > 1242042166.831 593 172.24.4.123 TCP_MISS/403 1010 GET > http://runonce.msn.com/runonce3.aspx dodes\administrator > DIRECT/213.199.181.20 text/html > 1242042177.426 0 172.24.4.123 TCP_DENIED/407 1782 GET > http://www.google.es/ - NONE/- text/html > > Thank you. > > Verónica Delgado > Depto. Sistemas > CAJA DE BURGOS > C: 947 258 495 > : vdelgado@xxxxxxxxxxxxxxx > > > -----Mensaje original----- > De: Guido Serassio [mailto:guido.serassio@xxxxxxxxxxxxxxxxx] > Enviado el: martes, 12 de mayo de 2009 19:46 > Para: Delgado Contreras, Verónica; squid-users@xxxxxxxxxxxxxxx > Asunto: R: RE: Error with ntlm authentication > > Hi, > > The errors that you can see in the event log of your machine are not > related to Squid, but are the symptom of some malfunction in the acces to > AD from the machine itself. > So likely any ntlm problem could be related. > > But, what is the helpers command line in squid.conf ? > > Regards > > Guido Serassio > > Acme Consulting S.r.l. - Microsoft Certified Partner > Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY > Tel. : +39.011.9530135 Fax. : +39.011.9781115 > Email: info@xxxxxxxxxxxxxxxxx > WWW: http://www.acmeconsulting.it/ > > > > > -----Messaggio originale----- > > Da: Delgado Contreras, Verónica [mailto:vdelgado@xxxxxxxxxxxxxxx] > > Inviato: martedì 12 maggio 2009 8.20 > > A: squid-users@xxxxxxxxxxxxxxx > > Oggetto: RE: Error with ntlm authentication > > > > > > Hello, > > > > I´m testing Squid 3 for Windows. I try to configure squid with ntlm > > authentication but I have a error in event viewer-Application. > > > > Type: Error > > User: NT AUTHORITY\SYSTEM > > Computer: LOBO > > Source: Userenv > > Category: None > > Event ID: 1054 > > Description: > > Windows cannot obtain the domain controller name for your computer > network. > > (An unexpected network error occurred. ). Group Policy processing > aborted. > > > > For more information, see Help and Support Center at > > http://go.microsoft.com/fwlink/events.asp. > > > > > > > > > > And the “cache .log” show this: > > > > > > > > ntlm-auth[2828](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe > > build Mar 6 2009, 23:32:18 starting up... > > ntlm-auth[2828](ntlm_auth.c:391): SSPI initialized OK > > ntlm-auth[796](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe > > build Mar 6 2009, 23:32:18 starting up... > > ntlm-auth[796](ntlm_auth.c:391): SSPI initialized OK > > ntlm-auth[5620](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe > > build Mar 6 2009, 23:32:18 starting up... > > ntlm-auth[5620](ntlm_auth.c:391): SSPI initialized OK > > ntlm-auth[2864](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe > > build Mar 6 2009, 23:32:18 starting up... > > ntlm-auth[2864](ntlm_auth.c:391): SSPI initialized OK > > ntlm-auth[5644](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe > > build Mar 6 2009, 23:32:18 starting up... > > ntlm-auth[5644](ntlm_auth.c:391): SSPI initialized OK > > 2009/05/11 12:56:47| helperOpenServers: Starting 5 > > 'mswin_check_ad_group.exe' processes > > ntlm-auth[3248](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe > > build Mar 6 2009, 23:32:18 starting up... > > ntlm-auth[3248](ntlm_auth.c:391): SSPI initialized OK > > ntlm-auth[5980](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe > > build Mar 6 2009, 23:32:18 starting up... > > ntlm-auth[5980](ntlm_auth.c:391): SSPI initialized OK > > /mswin_check_ad_group.exe[3012]: Member of Domain DODES > > > > /mswin_check_ad_group.exe[3012]: Into forest cajadeburgos.des > > > > /mswin_check_ad_group.exe[3012]: External ACL win32 group helper build > Mar > > 6 2009, 23:48:40 starting up... > > > > /mswin_check_ad_group.exe[3012]: Domain Global group mode enabled using > > 'cajadeburgos.de' as default domain. > > > > ntlm-auth[5664](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe > > build Mar 6 2009, 23:32:18 starting up... > > ntlm-auth[5664](ntlm_auth.c:391): SSPI initialized OK > > /mswin_check_ad_group.exe[1160]: Member of Domain DODES > > > > /mswin_check_ad_group.exe[1160]: Into forest cajadeburgos.des > > > > /mswin_check_ad_group.exe[1160]: External ACL win32 group helper build > Mar > > 6 2009, 23:48:40 starting up... > > > > /mswin_check_ad_group.exe[1160]: Domain Global group mode enabled using > > 'cajadeburgos.de' as default domain. > > > > /mswin_check_ad_group.exe[3268]: Member of Domain DODES > > > > /mswin_check_ad_group.exe[3268]: Into forest cajadeburgos.des > > > > /mswin_check_ad_group.exe[3268]: External ACL win32 group helper build > Mar > > 6 2009, 23:48:40 starting up... > > > > /mswin_check_ad_group.exe[3268]: Domain Global group mode enabled using > > 'cajadeburgos.de' as default domain. > > > > /mswin_check_ad_group.exe[5656]: Member of Domain DODES > > > > /mswin_check_ad_group.exe[5656]: Into forest cajadeburgos.des > > > > /mswin_check_ad_group.exe[5656]: External ACL win32 group helper build > Mar > > 6 2009, 23:48:40 starting up... > > > > /mswin_check_ad_group.exe[5656]: Domain Global group mode enabled using > > 'cajadeburgos.de' as default domain. > > > > 2009/05/11 12:56:47| User-Agent logging is disabled. > > 2009/05/11 12:56:47| Referer logging is disabled. > > /mswin_check_ad_group.exe[3016]: Member of Domain DODES > > > > /mswin_check_ad_group.exe[3016]: Into forest cajadeburgos.des > > > > /mswin_check_ad_group.exe[3016]: External ACL win32 group helper build > Mar > > 6 2009, 23:48:40 starting up... > > > > /mswin_check_ad_group.exe[3016]: Domain Global group mode enabled using > > 'cajadeburgos.de' as default domain. > > > > 2009/05/11 12:56:47| Unlinkd pipe opened on FD 428 > > 2009/05/11 12:56:47| Local cache digest enabled; rebuild/rewrite every > > 3600/3600 sec > > 2009/05/11 12:56:47| Swap maxSize 1024000 KB, estimated 78769 objects > > 2009/05/11 12:56:47| Target number of buckets: 3938 > > 2009/05/11 12:56:47| Using 8192 Store buckets > > 2009/05/11 12:56:47| Max Mem size: 8192 KB > > 2009/05/11 12:56:47| Max Swap size: 1024000 KB > > 2009/05/11 12:56:48| Version 1 of swap file with LFS support detected... > > 2009/05/11 12:56:48| Rebuilding storage in c:/squid/var/cache (CLEAN) > > 2009/05/11 12:56:48| Using Least Load store dir selection > > 2009/05/11 12:56:48| Set Current Directory to c:/squid/var/cache > > 2009/05/11 12:56:48| Loaded Icons. > > 2009/05/11 12:56:48| Accepting HTTP connections at 172.25.49.11, port > 80, > > FD 434. > > 2009/05/11 12:56:48| HTCP Disabled. > > 2009/05/11 12:56:48| Ready to serve requests. > > 2009/05/11 12:56:48| Done reading c:/squid/var/cache swaplog (951 > entries) > > 2009/05/11 12:56:48| Finished rebuilding storage from disk. > > 2009/05/11 12:56:48| 951 Entries scanned > > 2009/05/11 12:56:48| 0 Invalid entries. > > 2009/05/11 12:56:48| 0 With invalid flags. > > 2009/05/11 12:56:48| 951 Objects loaded. > > 2009/05/11 12:56:48| 0 Objects expired. > > 2009/05/11 12:56:48| 0 Objects cancelled. > > 2009/05/11 12:56:48| 0 Duplicate URLs purged. > > 2009/05/11 12:56:48| 0 Swapfile clashes avoided. > > 2009/05/11 12:56:48| Took 0.34 seconds (2766.19 objects/sec). > > 2009/05/11 12:56:48| Beginning Validation Procedure > > 2009/05/11 12:56:48| Completed Validation Procedure > > 2009/05/11 12:56:48| Validated 1927 Entries > > 2009/05/11 12:56:48| store_swap_size = 8024 > > 2009/05/11 12:56:49| storeLateRelease: released 0 objects > > ntlm-auth[3376](ntlm_auth.c:227): Got 'YR > > > TlRMTVNTUAABAAAAB7IIogUABQA3AAAADwAPACgAAAAFASgKAAAAD1czMDY0U0lTVEVNNDEyM0 > > RPREVT' from Squid > > ntlm-auth[3376](ntlm_auth.c:183): attempting SSPI challenge retrieval > > ntlm-auth[3376](ntlm_auth.c:186): Got it > > ntlm-auth[3376](ntlm_auth.c:266): sending 'TT > > > TlRMTVNTUAACAAAACgAKADgAAAAFgomiDSA9TjNm89EAAAAAAAAAAJQAlABCAAAABQLODgAAAA > > > 9EAE8ARABFAFMAAgAKAEQATwBEAEUAUwABAAgATABPAEIATwAEACAAYwBhAGoAYQBkAGUAYgB1 > > > AHIAZwBvAHMALgBkAGUAcwADACoATABPAEIATwAuAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC > > 4AZABlAHMABQAgAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC4AZABlAHMAAAAAAA==' to > > squid > > ntlm-auth[3376](ntlm_auth.c:227): Got 'KK > > > TlRMTVNTUAADAAAAGAAYAIoAAAAYABgAogAAAAoACgBIAAAAGgAaAFIAAAAeAB4AbAAAAAAAAA > > > C6AAAABYKIogUBKAoAAAAPRABPAEQARQBTAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAVwAz > > > ADAANgA0AFMASQBTAFQARQBNADQAMQAyADMAMpWZ5BGDLckAAAAAAAAAAAAAAAAAAAAA11H7te > > bZ4CuRk+g95Dm0zM6uiw9ortI2' from Squid > > ntlm-auth[3376](libntlmssp.c:269): checking domaicn: 'DODES', user: > > 'Administrator' > > /mswin_check_ad_group.exe[3012]: Got 'dodes%5Cadministrator > > c:/squid/etc/DomainUsers' from Squid (length: 46). > > > > /mswin_check_ad_group.exe[3012]: Valid_Global_Groups: checking group > > membership of 'dodes\administrator'. > > > > /mswin_check_ad_group.exe DsGetDcName() failed.' > > ntlm-auth[5888](ntlm_auth.c:227): Got 'YR > > > TlRMTVNTUAABAAAAB7IIogUABQA3AAAADwAPACgAAAAFASgKAAAAD1czMDY0U0lTVEVNNDEyM0 > > RPREVT' from Squid > > ntlm-auth[5888](ntlm_auth.c:183): attempting SSPI challenge retrieval > > ntlm-auth[5888](ntlm_auth.c:186): Got it > > ntlm-auth[5888](ntlm_auth.c:266): sending 'TT > > > TlRMTVNTUAACAAAACgAKADgAAAAFgomiKm9ZWYx42iUAAAAAAAAAAJQAlABCAAAABQLODgAAAA > > > 9EAE8ARABFAFMAAgAKAEQATwBEAEUAUwABAAgATABPAEIATwAEACAAYwBhAGoAYQBkAGUAYgB1 > > > AHIAZwBvAHMALgBkAGUAcwADACoATABPAEIATwAuAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC > > 4AZABlAHMABQAgAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC4AZABlAHMAAAAAAA==' to > > squid > > ntlm-auth[5888](ntlm_auth.c:227): Got 'KK > > > TlRMTVNTUAADAAAAGAAYAIoAAAAYABgAogAAAAoACgBIAAAAGgAaAFIAAAAeAB4AbAAAAAAAAA > > > C6AAAABYKIogUBKAoAAAAPRABPAEQARQBTAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAVwAz > > > ADAANgA0AFMASQBTAFQARQBNADQAMQAyADMAeSeUuCuU9W8AAAAAAAAAAAAAAAAAAAAAS1A3HJ > > C0hQNSHHJkIAWFKfpFuYbbQSY3' from Squid > > ntlm-auth[5888](libntlmssp.c:269): checking domain: 'DODES', user: > > 'Administrator' > > ntlm-auth[1488](ntlm_auth.c:227): Got 'YR > > > TlRMTVNTUAABAAAAB7IIogUABQA3AAAADwAPACgAAAAFASgKAAAAD1czMDY0U0lTVEVNNDEyM0 > > RPREVT' from Squid > > ntlm-auth[1488](ntlm_auth.c:183): attempting SSPI challenge retrieval > > ntlm-auth[1488](ntlm_auth.c:186): Got it > > ntlm-auth[1488](ntlm_auth.c:266): sending 'TT > > > TlRMTVNTUAACAAAACgAKADgAAAAFgomieoupMy56RPkAAAAAAAAAAJQAlABCAAAABQLODgAAAA > > > 9EAE8ARABFAFMAAgAKAEQATwBEAEUAUwABAAgATABPAEIATwAEACAAYwBhAGoAYQBkAGUAYgB1 > > > AHIAZwBvAHMALgBkAGUAcwADACoATABPAEIATwAuAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC > > 4AZABlAHMABQAgAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC4AZABlAHMAAAAAAA==' to > > squid > > ntlm-auth[1488](ntlm_auth.c:227): Got 'KK > > > TlRMTVNTUAADAAAAGAAYAIoAAAAYABgAogAAAAoACgBIAAAAGgAaAFIAAAAeAB4AbAAAAAAAAA > > > C6AAAABYKIogUBKAoAAAAPRABPAEQARQBTAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAVwAz > > > ADAANgA0AFMASQBTAFQARQBNADQAMQAyADMA1ZT+19V97OkAAAAAAAAAAAAAAAAAAAAA8Blnof > > qUp9IgkhbtwIrMXehHu2rY9CmE' from Squid > > ntlm-auth[1488](libntlmssp.c:269): checking domain: 'DODES', user: > > 'Administrator' > > ntlm-auth[2968](ntlm_auth.c:227): Got 'YR > > > TlRMTVNTUAABAAAAB7IIogUABQA3AAAADwAPACgAAAAFASgKAAAAD1czMDY0U0lTVEVNNDEyM0 > > RPREVT' from Squid > > ntlm-auth[2968](ntlm_auth.c:183): attempting SSPI challenge retrieval > > ntlm-auth[2968](ntlm_auth.c:186): Got it > > ntlm-auth[2968](ntlm_auth.c:266): sending 'TT > > > TlRMTVNTUAACAAAACgAKADgAAAAFgomiUIsf25S7gqMAAAAAAAAAAJQAlABCAAAABQLODgAAAA > > > 9EAE8ARABFAFMAAgAKAEQATwBEAEUAUwABAAgATABPAEIATwAEACAAYwBhAGoAYQBkAGUAYgB1 > > > AHIAZwBvAHMALgBkAGUAcwADACoATABPAEIATwAuAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC > > 4AZABlAHMABQAgAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC4AZABlAHMAAAAAAA==' to > > squid > > ntlm-auth[2968](ntlm_auth.c:227): Got 'KK > > > TlRMTVNTUAADAAAAGAAYAIoAAAAYABgAogAAAAoACgBIAAAAGgAaAFIAAAAeAB4AbAAAAAAAAA > > > C6AAAABYKIogUBKAoAAAAPRABPAEQARQBTAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAVwAz > > > ADAANgA0AFMASQBTAFQARQBNADQAMQAyADMAbyG+h4SorQUAAAAAAAAAAAAAAAAAAAAAd77QUF > > RWePBef5FF6BB6B9Zglk4maUIg' from Squid > > ntlm-auth[2968](libntlmssp.c:269): checking domain: 'DODES', user: > > 'Administrator' > > ntlm-auth[4072](ntlm_auth.c:227): Got 'YR > > > TlRMTVNTUAABAAAAB7IIogUABQA3AAAADwAPACgAAAAFASgKAAAAD1czMDY0U0lTVEVNNDEyM0 > > RPREVT' from Squid > > ntlm-auth[4072](ntlm_auth.c:183): attempting SSPI challenge retrieval > > ntlm-auth[4072](ntlm_auth.c:186): Got it > > > > > > > > > > > > > > > > > > What can be the problem?. > > > > Thanks. > > > > > > Verónica Delgado > > Depto. Sistemas > > CAJA DE BURGOS > > C: 947 258 495 > > : vdelgado@xxxxxxxxxxxxxxx > >
