[squid-users] AD / Kerberos Issues
Rick
rchisholm at cyphersystems.com
Fri Nov 25 16:09:32 UTC 2016
FreeBSD 10.3 / Samba42 / Squid 3.5
All the net ads / kinit / keytab stuff seems okay however hitting Squid
from a Windows box using IE 11 results in repeated prompts for
credentials which then fails after 3 attempts.
Cache.log has:
negotiate_kerberos_auth.cc(610): pid=42160 :2016/11/25 10:51:37|
negotiate_kerberos_auth: DEBUG: Got 'YR
TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw==' from squid
(length: 59). negotiate_kerberos_auth.cc(663): pid=42160 :2016/11/25
10:51:37| negotiate_kerberos_auth: DEBUG: Decode
'TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw==' (decoded
length: 40).
I have seen others post similar errors, but I have not seen any
solutions.
current relevent squid config entry:
auth_param negotiate
program /usr/local/libexec/squid/negotiate_kerberos_auth -d -s
GSS_C_NO_NAME
Any help greatly appreciated.
More information about the squid-users
mailing list