Update: First a correction, it should've been "I know this information seems rather limited"instead of "I know this information see". I recompiled Squid with just Kerberos and still received the same error. On Fri, Dec 11, 2009 at 9:58 AM, Robert Schenck <robschenck416@xxxxxxxxx> wrote: > Hello, > > First: I'm an intern and know little of pretty much everything. Try to > explain the best you can, please! > > I'm trying to set up Kerberos on a Squid proxy server (the server is > to allow access to ip-based content away from the intranet, so it will > be something like so: client --> internet --> VPN --> access to > intranet --> proxy server --> ip-based content). > > Unfortunately, every time I connect to the proxy to connect to random > webpage, I receive the error "Cache Access Denied". According to the > guy who manages the Kerberos stuff around here, the machine is > authenticated with Keberos and has a ticket...so apparently it's > something to do with Squid (but don't necessarily rule out > Keberos...he may be wrong)? > > I set-up Squid using Kerberos (note that prior to the Kerberos > installation, Squid worked fine)doing exactly what was stated in this > guide: http://klaubert.wordpress.com/2008/01/09/squid-kerberos-authentication-and-ldap-authorization-in-active-directory/. > The "Kerberos guy" did the Windows step for me...so there shouldn't be > any problems there. > > As it says in the guide, I did compile Squid with basic > authentication....but I didn't set it up whatsoever and haven't > changed any settings relating to it...could this be the culprit, > perhaps? This actually seems somewhat likely to me because the error > occurs when I run squid with the start-up script (that includes the > line: export KRB5_KTNAME=/etc/squid/squid.domain.keytab) and when I > start squid using the sbin file...(so it shouldn't even be loading the > keytab file here). > > I know this information see >
