[squid-users] AD / Kerberos Issues

Rick rchisholm at cyphersystems.com
Fri Nov 25 16:09:32 UTC 2016

FreeBSD 10.3 / Samba42 / Squid 3.5

All the net ads / kinit / keytab stuff seems okay however hitting Squid
from a Windows box using IE 11 results in repeated prompts for
credentials which then fails after 3 attempts.

Cache.log has:

negotiate_kerberos_auth.cc(610): pid=42160 :2016/11/25 10:51:37|
negotiate_kerberos_auth: DEBUG: Got 'YR
(length: 59). negotiate_kerberos_auth.cc(663): pid=42160 :2016/11/25
10:51:37| negotiate_kerberos_auth: DEBUG: Decode
length: 40).

I have seen others post similar errors, but I have not seen any

current relevent squid config entry:

auth_param negotiate
program /usr/local/libexec/squid/negotiate_kerberos_auth -d -s

Any help greatly appreciated.

More information about the squid-users mailing list