[squid-users] problem with basic_ldap_auth

[masterx81]

Hi to all!
I'm having an issue on squid 3.3.13 using basic_ldap_auth.
I'm using the following helpers:
auth_param negotiate program /usr/local/bin/negotiate_wrapper --ntlm
/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --domain=DOMAIN
--kerberos /usr/local/bin/squid_kerb_auth -s GSS_C_NO_NAME
auth_param negotiate children 10
auth_param negotiate keep_alive on

auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp --domain=DOMAIN
auth_param ntlm children 10
auth_param ntlm keep_alive on

auth_param basic program /usr/local/squid/libexec/basic_ldap_auth -v 3 -R -b
"dc=domain,dc=local" -D squid at domain.local -W /etc/squid/ldappass.txt -d -f
sAMAccountName=%s -h srv-dc1.domain.local
auth_param basic children 10
auth_param basic realm Proxy DOMAIN
auth_param basic credentialsttl 1 minute

NTLM and kerberos are working correctly, but the basic helper seem to not
work well. The browser ask me 3 times the password, then give me the cache
error. After this, windows save the credentials in it's cache (seen in
account manager) and if i close and reopen the browser it work but seem to
use NTLM as i get the ticket in the cache.log.
In che cache.log i not see any line of the basic helper also with the -d
switch.
If i call the helper manually from command line it works and give me "OK" if
i pass correct user/pass and "ERR Success" if i pass wrong credentials.

Before the 3.3.13 i was using a 3.4.x version, and all was working ok, but
i've had the need to go back as on 3.4 i have huge cpu utilization using
NTLM. On the 3.3.13 cpu usage is really low but seen that there is this
throuble with basic helpers....
Some have a suggestion for me?

Really thank for any help!



--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/problem-with-basic-ldap-auth-tp4667736.html
Sent from the Squid - Users mailing list archive at Nabble.com.