On 19.09.2016 13:39, Silamael Darkomen wrote: > > > On 16.09.2016 22:11, Markus Moeller wrote: >> Hi Silamael, >> >> Can you perform a kinit user@xxxxxxxxxxx ? Does the squid user >> have read access to krb5.conf ? >> >> Markus > > Hello Markus, > > Yes, the permissions are correctly set up so that Squid and it's > processes can read every file needed. > For it seems that the Heimdal library ignores the dns_lookup_kdc and > dns_lookup_realm options in the krb5.conf... > As written in my other response, the helper also crashes at the end. > I'll take a look on the stack trace... Ok, found one problem. Under OpenBSD I had some hack that the external helper was linked against libbind (the bind resolver library) instead of libc (as the helper uses some defines which have different names in the OpenBSD libc). This caused that the Heimdal libs used also the Bind resolver library instead of the libc resolver. And this lead to an error in the getaddrinfo() call due to invalid ai_flags. After patching the helper to compile with the libc now a new problem comes up: When binding to the LDAP server the helper uses SASL/GSSAPI. And then ldap_sasl_interactive_bind_s failes with "Unknown authentication method". Is there anything special that must be given on the Windows side? Or what's wrong now? -- Matthias _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
