On a new installation, I can not get the ntlm_auth working correctly:
Squid - v 3.5.20
2018/08/20 17:00:27| helperOpenServers: Starting 1/5 'ntlm_auth' processes
2018/08/20 17:00:27| WARNING: basicauthenticator #Hlpr243 exited
2018/08/20 17:00:27| Too few basicauthenticator processes are running (need 1/5)
2018/08/20 17:00:27| Starting new helpers
2018/08/20 17:00:27| helperOpenServers: Starting 1/5 'ntlm_auth' processes
2018/08/20 17:00:27| WARNING: basicauthenticator #Hlpr244 exited
2018/08/20 17:00:27| Too few basicauthenticator processes are running (need 1/5)
2018/08/20 17:00:27| Starting new helpers
2018/08/20 17:00:27| helperOpenServers: Starting 1/5 'ntlm_auth' processes
The ntlm_auth process respawns constantly, with the following error once the request & user authentication attempt is sent from the browser:
'helperOpenServers: Starting 1/10 'ntlm_auth' processes
username must be specified!'
Above is with auth_param ntlm # commented out but the same happens if ntlm is first.
squid.conf file contains:
auth_param ntlm program /usr/bin/ntlm_auth -–helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 10
auth_param basic program /usr/bin/ntlm_auth -–helper-protocol=squid-2.5-basic
auth_param basic children 5
acl AuthorizedUsers proxy_auth REQUIRED
http_access allow all AuthorizedUsers
The following ownerships are in place:
root:wbpriv /var/lib/samba/winbindd_privileged/
root:wbpriv /var/run/samba/winbindd/pipe
wbinfo - works for both plaintext & challenge/response
wbinfo -t works
/usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
works correctly - (if a space is left after the c basic, otherwise it complains about username - I've tried squid.conf leaving a space as well)
/usr/bin/ntlm_auth -–helper-protocol=squid-2.5-ntlmssp
gives BH SPNEGO request invalid prefix - assume related to Negotiate, but will investigate after basic authentication in case related).
I've looked at as many install instructions as possible, and this should be okay?
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
