Hi all,
I have setup a squid server with ntlm and dansguardian 2.9.9.8 to track users via their AD username. I can now have AD username in both squid and DG access log. But the problem is sometimes all of a sudden it asks for users AD credentials. Upon giving it works fine again but cancelled then gives this below message which is logical:
PHP Code:
ERROR
Cache Access Denied
--------------------------------------------------------------------------------
While trying to retrieve the URL:
http://cnn.com/index.htm
The following error was encountered:
Cache Access Denied.
Sorry, you are not currently allowed to request:
http://cnn.com/index.htm from this cache until you have authenticated yourself.
You need to use Netscape version 2.0 or greater, or Microsoft Internet Explorer 3.0, or an HTTP/1.1 compliant browser for this to work. Please contact the cache administrator if you have difficulties authenticating yourself or change your default password.
--------------------------------------------------------------------------------
Generated Mon, 29 Sep 2008 03:47:31 GMT by PROXY (squid/2.5.STABLE6)
Currently using IE7.
Below is the settings that I did in squid.conf for NTLM
PHP Code:
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 30
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 hour
auth_param ntlm use_ntlm_negotiate on
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
.....
.......
acl manager proto cache_object
acl authenticated_users proxy_auth REQUIRED
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
...
.....
#Recommended minimum configuration:
#
# Only allow cachemgr access from localhost
##http_access deny !Safe_ports
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
#http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
http_access allow authenticated_users
Now when the login prompt comes it gives these meessages in /var/log/squid/cache.log
PHP Code:
[2008/09/29 13:38:37, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(615)
Got user=[testuser] domain=[XYZ] workstation=[PC21] len1=24 len2=24
[2008/09/29 13:39:11, 3] utils/ntlm_auth.c:winbind_pw_check(427)
Login for user [XYZ][testuser]@[PC21] failed due to [Reading winbind reply failed!]
2008/09/29 13:39:11| The request GET http://search.live.com/LS/GLinkPing.aspx?/_1_9SE/1?http://tech.groups.yahoo.com/group/dansguardian/messages/18643&&DI=6244&IG=f1b620695fed47daa019283cf6d85804&ID=SERP,78 is DENIED, because it matched 'authenticated_users'
[2008/09/29 13:39:12, 3] utils/ntlm_auth.c:winbind_pw_check(427)
Login for user [XYZ][testuser]@[PC21] failed due to [Reading winbind reply failed!]
Any idea how to stop this password prompt.
Thanks in advance.
