Search squid archive

Re: RE: NTLM error

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dawie,

Welcome to the squid "It's Microsoft and it's broke, so it's not our
fault" list.

I had the same problem and did find a work around that seems to stop
the pop-up authentication.
The hack is to change the registry setting MaxConnectionsPerServer to
1. This is a
link for setting the registry value: http://support.microsoft.com/kb/282402

I believe the squid connection pinning code is wrong but I can't get
anyone to believe me.

Jeff F>

On Fri, Mar 19, 2010 at 8:30 AM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
> Dawie Pretorius wrote:
>>
>> Hi is it possible that someone can come back to me on this request.
>>
>> Thank you
>>
>> Dawie Pretorius
>>
>
> Maybe yes, maybe no.
>
> You did add this:
> "
>> message and may be subject to legal privilege. Access to this e-mail
>> by anyone other than the intended is unauthorised. If you are not the
>> intended recipient (or responsible for delivery of the message to
>> such person), you may not use, copy, distribute or deliver to anyone
>> this message (or any part of its contents ) or take any action in
> "
>
> Sigh. Some people who might have answered will be legally bound not to or
> risk their employment.
>
> /joke.
>
>>
>> -----Original Message-----
>> From: Dawie Pretorius [mailto:dawie@xxxxxxxxxxxxxxxxx] Sent: 11 March 2010
>> 10:40 AM
>> To: squid-users@xxxxxxxxxxxxxxx
>> Subject:  NTLM error
>>
>> Hi,
>> I continually have this error inside my /var/log/squid/cache.log:
>>
>> [2010/03/05 12:40:02, 1] libsmb/ntlmssp.c:ntlmssp_update(334)
>>  got NTLMSSP command 3, expected 1
>
> A client is using kerberos (aka "3") to respond to your NTLM (aka "1")
> challenge.
>  * Find out what client browser this is its really rather broken, and if
> possible why it's acting this way.
>  * Look into implementing Kerberos auth in your network. NTLM is officially
> deprecated by MS now, and apparently not supported in Windows 7.
>
>>
>> And getting a authentication pop up.
>>
>> I found this article about this issue:
>>
>> http://www1.il.squid-cache.org/mail-archive/squid-dev/200906/0041.html
>>
>> This article states that there is a workaround:
>>
>> "The workaround is pretty simple - just enable the IP auth cache."
>>
>
> I think they mean that storing the auth credentials and re-using them for
> the IP gets around it.
>
> Not a good solution at all. And squid does not support auth cache for NTLM
> type protocols anyway. Which means you need to be using insecure Basic auth
> for it to work.
>
> Amos
> --
> Please be using
>  Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25
>  Current Beta Squid 3.1.0.18
>

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux