I again fall into the problem which I faced earlier. Sudden pop up authentication window. It was completely ok and was running without any hitch for last 4/5 months. But last day after a restart of the machine made this happen. I now can't find out what is the problem Last time I did a lot of change and modification and something was there that did worked. But this restart made things bad. Now I am gettings this error: [root@proxy ~]# tail -1000 /usr/local/squid/var/logs/cache.log |grep failed Login for user [DOMAINNAME]\[ad-username]@[PC-4321] failed due to [Reading winbind reply failed!] Login for user [DOMAINNAME]\[ad-username]@[PC-1352] failed due to [Reading winbind reply failed!] Login for user [DOMAINNAME]\[ad-username]@[PC-1352] failed due to [Reading winbind reply failed!] I am using RHEL4 update 2; 64 bit. Squid: Squid Cache: Version 3.0.STABLE9 configure options: '--enable-auth=ntlm,basic' '--with-winbind-auth-challenge' DG was also configured 2.9.9.8. Samba and winbind are default with OS which is samba-common-3.0.10-1.4E.2 samba-common-3.0.10-1.4E.2 samba-client-3.0.10-1.4E.2 samba-3.0.10-1.4E.2 samba.conf ---------- [global] workgroup = DOMAINNAME netbios name = proxy realm = DOMAINNAME.COM server string = Linux Samba Server security = ads encrypt passwords = Yes password server = 10.10.xx.xx log file = /usr/local/samba/var/%m.log max log size = 50 log level = 3 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 preferred master = False local master = No domain master = False dns proxy = No winbind enum users = yes winbind enum groups = yes winbind use default domain = yes idmap uid = 10000-20000 idmap gid = 10000-20000 krb5.conf --------- [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = DOMAINNAME.COM ticket_lifetiime = 600 [realms] DOMAINNAME.COM = { kdc = 10.10.xx.xx kdc = 10.10.xx.xx kdc = abc.domainname.com kdc = def.domainname.com admin_server = abc.domainname.com default_domain = DOMAINNAME.COM } [domain_realm] .domainname.com = DOMAINNAME.COM domainname.com = DOMAINNAME.COM [kdc] profile = /var/krb5kdc/kdc.conf [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } nsswitch.conf ------------- passwd: compat winbind group: compat winbind shadow: compat hosts: files dns wins networks: files dns protocols: db files services: db files ethers: db files rpc: db files wbinfo -u and wbinfo -g works. ntlm_auth --username=ad-username also works. wbinfo -t also works but takes around 2 minutes to give the ourput "checking the trust secret via RPC calls succeeded". klist also shows the ticket. Please help with any idea what could be gone wrong. This pop up window of authentication is a pain. If you click ESC then it gives a page with cache Access Denied. But again if you click on Refresh then it works.