Dawie, Welcome to the squid "It's Microsoft and it's broke, so it's not our fault" list. I had the same problem and did find a work around that seems to stop the pop-up authentication. The hack is to change the registry setting MaxConnectionsPerServer to 1. This is a link for setting the registry value: http://support.microsoft.com/kb/282402 I believe the squid connection pinning code is wrong but I can't get anyone to believe me. Jeff F> On Fri, Mar 19, 2010 at 8:30 AM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > Dawie Pretorius wrote: >> >> Hi is it possible that someone can come back to me on this request. >> >> Thank you >> >> Dawie Pretorius >> > > Maybe yes, maybe no. > > You did add this: > " >> message and may be subject to legal privilege. Access to this e-mail >> by anyone other than the intended is unauthorised. If you are not the >> intended recipient (or responsible for delivery of the message to >> such person), you may not use, copy, distribute or deliver to anyone >> this message (or any part of its contents ) or take any action in > " > > Sigh. Some people who might have answered will be legally bound not to or > risk their employment. > > /joke. > >> >> -----Original Message----- >> From: Dawie Pretorius [mailto:dawie@xxxxxxxxxxxxxxxxx] Sent: 11 March 2010 >> 10:40 AM >> To: squid-users@xxxxxxxxxxxxxxx >> Subject: NTLM error >> >> Hi, >> I continually have this error inside my /var/log/squid/cache.log: >> >> [2010/03/05 12:40:02, 1] libsmb/ntlmssp.c:ntlmssp_update(334) >> got NTLMSSP command 3, expected 1 > > A client is using kerberos (aka "3") to respond to your NTLM (aka "1") > challenge. > * Find out what client browser this is its really rather broken, and if > possible why it's acting this way. > * Look into implementing Kerberos auth in your network. NTLM is officially > deprecated by MS now, and apparently not supported in Windows 7. > >> >> And getting a authentication pop up. >> >> I found this article about this issue: >> >> http://www1.il.squid-cache.org/mail-archive/squid-dev/200906/0041.html >> >> This article states that there is a workaround: >> >> "The workaround is pretty simple - just enable the IP auth cache." >> > > I think they mean that storing the auth credentials and re-using them for > the IP gets around it. > > Not a good solution at all. And squid does not support auth cache for NTLM > type protocols anyway. Which means you need to be using insecure Basic auth > for it to work. > > Amos > -- > Please be using > Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25 > Current Beta Squid 3.1.0.18 >
