[squid-users] You MUST specify at least one Domain Controller.You can use either \ or / as separator between the domain name
Amos Jeffries
squid3 at treenet.co.nz
Fri Dec 19 14:46:04 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 20/12/2014 1:08 p.m., Ahmed Allzaeem wrote:
> If you look @ the logs , it seems it recognize a username when it
> allow , but when it deny it don’t recognize a username
>
The 407 is sent because there is nobody authenticated. Nobody
authenticated means no username.
> Plz look @ logs below : N username here , but I put the username
> "b"
>> 1418996889.943 2 192.168.1.5 TCP_DENIED/407 4189 GET
>> http://google.com/ - NONE/- text/html
One of teh 407 is before you put any username in. The second one is
after you entered username, but before its fully authenticated.
>
>
> Down here itc MISS , u will see the username "b" after the
> google.com
>> 1418996897.774 7830 192.168.1.5 TCP_MISS/302 1258 GET
>> http://google.com/ b DIRECT/74.125.232.228 text/html
>
> Compare both of them U will see that user "b" ibcluded when its
> allowed
>
> Im not sure why all of that slow in Kerberos ???!!!
You are not using Kerberos. You are using NTLM.
Kerberos is part of the "Negotiate" auth scheme.
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUlDorAAoJELJo5wb/XPRjBjkIANDA0SQMtglLVBj/6reDISIj
goYqOQzq4Aw5hP60RcDuIazo//mHTHLLFRof95hmIFCRlo3kHt4aF9EFKQ03gih1
+jvbQ4V2MdZq3+oJiULGhME73DjpZOe9mxhz5FZFMGkOazOd+LIVhipXeoJbK7As
BkpCqHnY7N0l4QtvwO85Ea+9jdSC5dws7CIcrN6+J49h7g/J5b7jQRgOdhm+2MoE
jg936RA8dM3i/usW7E/CRfdvAS4N7BUXtRsbk88I/YgRJhXRRhpl2FUOa9dCoJXT
ol1jibwWjyc1Kjsmn/MZLIBiMrhrBnNOSjSZXldGslEvRN60HptPxetQ4WDgpBw=
=L19J
-----END PGP SIGNATURE-----
More information about the squid-users
mailing list