Search squid archive

Problem with negotiate_wrapper and ntlm authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Dear all,
I have a little problem trying to configure a fall back authentication
via negotiate_wrapper

Here is the squid configuration line:

auth_param negotiate program /usr/local/bin/negotiate_wrapper -d --ntlm
/usr/bin/ntlm_auth -d --helper-protocol=squid-2.5-ntlmssp
--domain=PREVIDOM --kerberos /usr/lib64/squid/squid_kerb_auth -d -s
HTTP/srvsquidproxy.previdom.previnet.it

The Kerberos auth runs very well, but, when negotiate_wrapper identifies
a type 1 NTLM token I get a NT_STATUS_NO_SUCH_USER in the cache.log.
The strange thing is that if I run ntlm_auth outside squid context I get
a successful auth.

/usr/bin/ntlm_auth --username=provaproxy --password=Pass1word
--domain=PREVIDOM
NT_STATUS_OK: Success (0x0)

Is it possible that negotiate_wrapper doesn't "understand" correctly
username & password from browser?
What is the correct username sintax to use in the login request?
user@fqdn or netbios domain\user or user without anything else? in my
case: provaproxy@xxxxxxxxxxxxxxxxxxxx, previdom\provaproxy or provaproxy
without domain?

I'm using a precompiled 3.1.10 squid version on centos 6.4.


Thanks to all and sorry for my bad english











[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux