[squid-users] please, can someone help me with the negotiate kerberos?
Rafael Silva Daniel
rafaelsilvadaniel at gmail.com
Sun Feb 16 19:16:29 UTC 2020
Hey guys! im still testing it, but i think i found my mistake, so i will let
it here for future reference
i compared the way i arranged things in my test enviroment between the
production enviroment, e noticed some differences in the keytab, i still
dont know if its obligatory, im still testing it, but when i deleted the
keytab, the account for the keytab in ad, the account for the machine in the
active directory, and created another one, i used a different name for HTTP/
like, the way i did that dont worked:
msktutil -c -b "CN=COMPUTERS" -s HTTP/squid2.domain.local -k
/etc/squid/HTTP.keytab --computer-name squid2 --upn HTTP/squid2.domain.local
--server dc01.domain.local --verbose --enctypes 28
the way i did that worked:
msktutil -c -b "CN=COMPUTERS" -s HTTP/squidproxy.domain.local -k
/etc/squid/HTTP.keytab --computer-name squid2 --upn
HTTP/squidproxy.domain.local --server dc01.domain.local --verbose --enctypes
28
--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
More information about the squid-users
mailing list