Dear all, I have a little problem trying to configure a fall back authentication via negotiate_wrapper Here is the squid configuration line: auth_param negotiate program /usr/local/bin/negotiate_wrapper -d --ntlm /usr/bin/ntlm_auth -d --helper-protocol=squid-2.5-ntlmssp --domain=PREVIDOM --kerberos /usr/lib64/squid/squid_kerb_auth -d -s HTTP/srvsquidproxy.previdom.previnet.it The Kerberos auth runs very well, but, when negotiate_wrapper identifies a type 1 NTLM token I get a NT_STATUS_NO_SUCH_USER in the cache.log. The strange thing is that if I run ntlm_auth outside squid context I get a successful auth. /usr/bin/ntlm_auth --username=provaproxy --password=Pass1word --domain=PREVIDOM NT_STATUS_OK: Success (0x0) Is it possible that negotiate_wrapper doesn't "understand" correctly username & password from browser? What is the correct username sintax to use in the login request? user@fqdn or netbios domain\user or user without anything else? in my case: provaproxy@xxxxxxxxxxxxxxxxxxxx, previdom\provaproxy or provaproxy without domain? I'm using a precompiled 3.1.10 squid version on centos 6.4. Thanks to all and sorry for my bad english
