Strange NTLM problem.


Dear all,
 
I have a strange problem with my squid 3.5.19 and NTLM authentication.
In my configuration I have 2 auth methods:
 
NTLM negotiated with ntlm_auth from samba 3
 
auth_param ntlm program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 200 startup=100 idle=10 concurrency=0
auth_param ntlm keep_alive on

and as a fallback basic ntlm
 
auth_param basic program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 25 startup=15 idle=5 concurrency=0
auth_param basic realm PROXY AUTHORIZATION REQUIRED
auth_param basic credentialsttl 30 minutes
 
TTL

authenticate_cache_garbage_interval 1 hours
authenticate_ttl 30 minutes
authenticate_ip_ttl 30 minutes

Groups identification with LDAPS
 
external_acl_type NAV children-max=200 children-startup=100 children-idle=10 ttl=1800 %LOGIN /usr/local/squid/libexec/ext_ldap_group_acl -s sub -b "dc=domain,dc=xxx" -D "cn=squid,cn=Users,dc=domain,dc=xxx" -w "password" -f "(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%a,ou=INTERNET,ou=AAA,dc=domain,dc=xxx))" -S -K -H ldaps://domain.xxx:3269
 
... and all works very well.
Sometimes and randomly, my users report to me that squid cannot do NTLM transparent authentication and requests a user/password pair (falling back to NTLM basic).
Entering the right credentials does not work, and to proceed further users need to click on the "abort" button many times.
 
In my cache.log I see:
 
Login for user [DOMAIN][userx]@[PC_XXX] failed due to [Access denied]
NTLMSSP BH: NT_STATUS_ACCESS_DENIED
2016/06/27 22:59:06 kid1| ERROR: NTLM Authentication validating user. Result: {result=BH, notes={message: NT_STATUS_ACCESS_DENIED; }}
2016/06/27 23:00:02| Set Current Directory to /squid/log
2016/06/27 23:10:01| Set Current Directory to /squid/log
2016/06/27 23:20:01| Set Current Directory to /squid/log
2016/06/27 23:21:09 kid1| Logfile: opening log stdio:/var/log/squid/netdb.state
2016/06/27 23:21:09 kid1| Logfile: closing log stdio:/var/log/squid/netdb.state
 
every time a user receives a credential request.
After aborting each request squid makes, users can surf the internet without problems and I cannot replicate the issue.
Trying to close the browser, clear the cache, and go to the same site does not produce the same error.
Stopping squid, removing the cache, and starting squid does not produce the same error.
It's totally random and I'm going mad trying to understand why.
Can someone help me to debug and understand the problem?
Any help will be appreciated.
 
Many thanks.
Giulius.

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
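
Added example (not part of the original message, and not Squid or Samba code): a Python triage script for the cache.log lines quoted in the post. It pairs each ntlm_auth "Login for user ... failed" line with the timestamp of the Squid ERROR line that follows it, then groups the denials by user/workstation and by minute, to show whether they cluster on particular clients or hit several users at once. The sample log is constructed from the format in the post; usery, PC_YYY and all function names are assumptions, as is the helper line directly preceding Squid's ERROR line.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample in the cache.log format quoted in the post (usery/PC_YYY are made up).
ERR = "kid1| ERROR: NTLM Authentication validating user. Result: {result=BH, notes={message: NT_STATUS_ACCESS_DENIED; }}\n"
DENIED = "Login for user [DOMAIN][%s]@[%s] failed due to [Access denied]\nNTLMSSP BH: NT_STATUS_ACCESS_DENIED\n"
SAMPLE_LOG = (
    DENIED % ("userx", "PC_XXX") + "2016/06/27 22:59:06 " + ERR
    + "2016/06/27 23:00:02| Set Current Directory to /squid/log\n"
    + DENIED % ("usery", "PC_YYY") + "2016/06/27 23:04:41 " + ERR
    + DENIED % ("userx", "PC_XXX") + "2016/06/27 23:04:43 " + ERR
)

# ntlm_auth helper line (no timestamp of its own).
LOGIN_RE = re.compile(
    r"Login for user \[(?P<domain>[^\]]*)\]\[(?P<user>[^\]]*)\]@\[(?P<host>[^\]]*)\]"
    r" failed due to \[(?P<reason>[^\]]*)\]")
# Squid's own ERROR line, which carries the timestamp and the BH status.
SQUID_BH_RE = re.compile(
    r"(?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) kid\d+\| ERROR: NTLM Authentication"
    r" validating user\. Result: \{result=BH, notes=\{message: (?P<status>\w+);")

def parse_failures(text):
    """Return one dict per failed login, timestamped from the next Squid BH line."""
    failures, pending = [], None
    for line in text.splitlines():
        m = LOGIN_RE.match(line)
        if m:
            pending = dict(m.groupdict(), time=None, status=None)
            failures.append(pending)  # kept even if no Squid ERROR line follows
            continue
        m = SQUID_BH_RE.match(line)
        if m and pending:
            pending["time"] = datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S")
            pending["status"] = m["status"]
            pending = None
    return failures

def summarize(failures):
    """Count failures per (user, workstation); list minutes in which >1 user failed."""
    by_client = Counter((f["user"], f["host"]) for f in failures)
    by_minute = defaultdict(set)
    for f in failures:
        if f["time"]:
            by_minute[f["time"].strftime("%Y/%m/%d %H:%M")].add(f["user"])
    return by_client, {m: sorted(u) for m, u in by_minute.items() if len(u) > 1}

if __name__ == "__main__":
    print(summarize(parse_failures(SAMPLE_LOG)))
```
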
