Hello all, I have a strange problem with a SQUID proxy with the NTLM authentication. It randomly restarts the authenticator processes (restart maybe not the right term), as follows: 2014-10-29T10:45:02.528245+01:00 yel1swa208 squid[29306]: Starting new ntlmauthenticator helpers... 2014-10-29T10:45:02.529490+01:00 yel1swa208 squid[29306]: helperOpenServers: Starting 1/800 'ntlm_auth' processes 2014-10-29T10:45:02.538002+01:00 yel1swa208 squid[29306]: Starting new ntlmauthenticator helpers... 2014-10-29T10:45:02.539020+01:00 yel1swa208 squid[29306]: helperOpenServers: Starting 1/800 'ntlm_auth' processes 2014-10-29T10:45:02.550401+01:00 yel1swa208 squid[29306]: Starting new ntlmauthenticator helpers... 2014-10-29T10:45:02.551314+01:00 yel1swa208 squid[29306]: helperOpenServers: Starting 1/800 'ntlm_auth' processes 2014-10-29T10:45:02.559424+01:00 yel1swa208 squid[29306]: Starting new ntlmauthenticator helpers... 2014-10-29T10:45:02.560442+01:00 yel1swa208 squid[29306]: helperOpenServers: Starting 1/800 'ntlm_auth' processes 2014-10-29T10:45:02.569961+01:00 yel1swa208 squid[29306]: Starting new ntlmauthenticator helpers... 2014-10-29T10:45:02.570984+01:00 yel1swa208 squid[29306]: helperOpenServers: Starting 1/800 'ntlm_auth' processes 2014-10-29T10:45:02.578951+01:00 yel1swa208 squid[29306]: Starting new ntlmauthenticator helpers... 2014-10-29T10:45:02.579863+01:00 yel1swa208 squid[29306]: helperOpenServers: Starting 1/800 'ntlm_auth' processes 2014-10-29T10:45:02.588642+01:00 yel1swa208 squid[29306]: Starting new ntlmauthenticator helpers... 2014-10-29T10:45:02.589484+01:00 yel1swa208 squid[29306]: helperOpenServers: Starting 1/800 'ntlm_auth' processes 2014-10-29T10:45:02.599002+01:00 yel1swa208 squid[29306]: Starting new ntlmauthenticator helpers... 2014-10-29T10:45:02.599918+01:00 yel1swa208 squid[29306]: helperOpenServers: Starting 1/800 'ntlm_auth' processes 2014-10-29T10:45:02.609309+01:00 yel1swa208 squid[29306]: Starting new ntlmauthenticator helpers... 2014-10-29T10:45:02.610286+01:00 yel1swa208 squid[29306]: helperOpenServers: Starting 1/800 'ntlm_auth' processes 2014-10-29T10:45:02.619248+01:00 yel1swa208 squid[29306]: Starting new ntlmauthenticator helpers... 2014-10-29T10:45:02.620409+01:00 yel1swa208 squid[29306]: helperOpenServers: Starting 1/800 'ntlm_auth' processes 2014-10-29T10:45:02.629324+01:00 yel1swa208 squid[29306]: Starting new ntlmauthenticator helpers... 2014-10-29T10:45:02.630359+01:00 yel1swa208 squid[29306]: helperOpenServers: Starting 1/800 'ntlm_auth' processes 2014-10-29T10:45:02.639402+01:00 yel1swa208 squid[29306]: Starting new ntlmauthenticator helpers... 2014-10-29T10:45:02.640348+01:00 yel1swa208 squid[29306]: helperOpenServers: Starting 1/800 'ntlm_auth' processes 2014-10-29T10:45:02.649164+01:00 yel1swa208 squid[29306]: Starting new ntlmauthenticator helpers... 2014-10-29T10:45:02.650165+01:00 yel1swa208 squid[29306]: helperOpenServers: Starting 1/800 'ntlm_auth' processes Not sure if is a result of this, but after 10-20 mins the authentication process with ntlm slows down terribly (tested with wbinfo -t), and the users have some serious problem with the navigation. Follows the relevant part of squid.conf: # Ntlm Auth auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --debuglevel=0 auth_param ntlm children 800 #auth param ntlm keep_alive off authenticate_ttl 3 hour authenticate_ip_ttl 3 hour # Base Auth auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 200 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours And the relevant part of smb.conf: allow trusted domains = Yes winbind nested groups = Yes wins server = x.x.x.x winbind uid = 40000-90000000000000 winbind gid = 4000-100000000000000 winbind use default domain = yes winbind enum users = yes winbind enum groups = yes winbind cache time = 1000 winbind max clients = 600 The kerberos and samba authentication works perfectly, as follows: wbinfo -t checking the trust secret for domain YEL via RPC calls succeeded Any idea of why this? Please is pretty urgent to solve, it causing big problems... Cordially, Claudio. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
