Hi again, just for documentation: I figured out what the problem was. According to the previously mentioned configuration example [1] one can use these encryption modes inside /etc/krb5.conf: > ; for Windows 2003 > > default_tgs_enctypes = rc4-hmac des-cbc-crc des-cbc-md > default_tkt_enctypes = rc4-hmac des-cbc-crc des-cbc-md > permitted_enctypes = rc4-hmac des-cbc-crc des-cbc-md5 or > ; for Windows 2008 with AES > > default_tgs_enctypes = aes256-cts-hmac-sha1-96 rc4-hmac des-cbc-crc des-cbc-md5 > default_tkt_enctypes = aes256-cts-hmac-sha1-96 rc4-hmac des-cbc-crc des-cbc-md5 > permitted_enctypes = aes256-cts-hmac-sha1-96 rc4-hmac des-cbc-crc des-cbc-md5 Actually, if you use the old method (without aes and --enctypes 28), you only can use the IP adress for your squid server instead of a DNS name. Btw: One shouldn't use the old method if it's not needed - at least for security reasons. [1] http://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActiveDirectory Best, Schinken --- Backspace e.V. http://hackerspace-bamberg.de mail: schinken@xxxxxxxxxxxxxxxxxxxxxx xmpp: schinken@xxxxxxxxxxx (otr) GPG: FFB7 E40D B2DD D24C C9B7 B5C5 703C F8B8 882C 871E
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
