[squid-users] Negotiate wrappter returns AF = on Debian Jessie
Amos Jeffries
squid3 at treenet.co.nz
Thu Mar 24 07:49:41 UTC 2016
On 18/03/2016 7:29 a.m., James Zuelow wrote:
> Hello -
>
> I have Squid 3.4.8 installed on Debian Jessie.
>
> I'm using the negotiate wrapper configured like this:
>
> auth_param negotiate program /usr/lib/squid3/negotiate_wrapper_auth -d \
> --kerberos /usr/lib/squid3/negotiate_kerberos_auth -s HTTP/proxy.domain.local at DOMAIN.LOCAL \
> --ntlm /usr/bin/ntlm_auth --helper-protocol=gss-spnego --domain=DOMAIN.LOCAL
>
"--helper-protocol=gss-spnego" configures Negotiate/Kerberos, not
Negotiate/NTLM.
For Negotiate/NTLM what you need is "--helper=squid-2.5-ntlmssp"
Or, drop the wrapper helper entirely and just use:
auth_param negotiate program /usr/bin/ntlm_auth \
--helper-protocol=gss-spnego --domain=DOMAIN.LOCAL
Amos
More information about the squid-users
mailing list