Search squid archive

Re: Re: Re: Squid Kerberos authentication error

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Now its working in all browsers but not in IE with windows XP. My active directory is in windows 2003
------Original Message------
From: Mohamed Navas
To: 'Markus Moeller'
To: squid-users@xxxxxxxxxxxxxxx
Subject: RE:  Re: Re: Squid Kerberos authentication error
Sent: 26 Jun 2012 9:27 AM

I could solve the issue by creating keytabs within the MS server and
exported to Linux machine and is working fine with msktutils itself...
Still do not find out the reason for not created it in Linux machine ! 

-----Original Message-----
From: Markus Moeller [mailto:huaraz@xxxxxxxxxxxxxxxx] 
Sent: Sunday, June 24, 2012 9:39 PM
To: squid-users@xxxxxxxxxxxxxxx
Subject:  Re: Re: Squid Kerberos authentication error

You can use samba to create the keytab, but you mustn't use any samba
daemon as the daemon will reset the key in AD after a predefined time and
thereby invalidate the key in your keytab.

Regards
Markus


"Navas" <vmnavas@xxxxxxxxx> wrote in message
news:4c9801cd520a$34f4ee30$9edeca90$@gmail.com...
> One more thing I am using Samba, I could not use mskutil. Is there any 
> issue with Kerberos and Samba.
> OS: Redhat EL6.2
> squid-3.1
>
> thanks,
>
> -----Original Message-----
> From: Markus Moeller [mailto:huaraz@xxxxxxxxxxxxxxxx]
> Sent: Sunday, June 24, 2012 2:59 PM
> To: squid-users@xxxxxxxxxxxxxxx
> Subject:  Re: Squid Kerberos authentication error
>
> Can you check that the squid user has read access to the Kerberos keytab
?
> Did you set the environment variable KRB5_KTNAME pointing to the 
> Kerberos keytab in the startup script ?
>
> Markus
>
> "Navas" <vmnavas@xxxxxxxxx> wrote in message 
> news:000301cd51e5$7f9e64e0$7edb2ea0$@gmail.com...
>> Hi,
>> I am trying  to setup squid to authenticate as AD with kerberos as 
>> per the following document
>>
>> http://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActive
>> D
>> irecto
>> ry
>>
>> but I am getting following error in cache log,
>>
>> authenticateNegotiateHandleReply: Error validating user via Negotiate.
>> Error
>> returned 'BH gss_acquire_cred() failed: Unspecified GSS failure.
>> Minor code may provide more information. Unknown error'
>>
>> appreciated for your kind help ..
>>
>> thanks,
>>
>> abusam
>>
>>
>
>
>
> 



Sent from my BlackBerry® smartphone from du
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux