Re: [squid-users] SquidNT 2.5 STABLE3 + NTLM = Access Denied.

From: Nicko <[email protected]>
Date: Sat, 6 Sep 2003 16:36:54 +0200

Still in trouble with SquidNT and NTLM authentication...

I search a lot on google and on this mailing list...

I tried the Microsoft patch Q331906 and the registry editing found from a
post from this mailing list
(http://support.microsoft.com/default.aspx?scid=kb;EN-US;312176)
It still doesn't work ...

And the worse thing, i just have to uncomment my basic authentication lines
and comment the ntlm authentication lines, restart Squid and everything
works ...

May be it's because i dont use a Domain ?
Please, if someone use SquidNT with NTLM, give me atleast your network / nt
configuration...

Thanks

Nicko

----- Original Message -----
From: "Nicko" <nicko@free.fr>
To: <squid-users@squid-cache.org>
Sent: Thursday, September 04, 2003 9:02 AM
Subject: [squid-users] SquidNT 2.5 STABLE3 + NTLM = Access Denied.

> Hello,
>
> I tried to use NTLM (Basic with NTAUTH and GROUP_CHECK works perfectly)
but
> with NTLM that doesn't work.
>
> my squid.conf:
> auth_param ntlm program c:/progra~1/squid/libexec/ntlm_win32_auth.exe
> auth_param ntlm children 5
> auth_param ntlm max_challenge_reuses 0
> auth_param ntlm max_challenge_lifetime 2 minutes
>
> my acl:
> external_acl_type NT_local_group %LOGIN
> c:/progra~1/squid/libexec/win32_check_group.exe
> acl LProxyUsers external NT_local_group LProxyUsers
> acl password proxy_auth REQUIRED
> http_access allow password LProxyUsers
> http_access deny all
>
> my config:
> SquidNT is installed on a french Windows 2000 Pro SP4, i created a local
> group LProxyUsers with 2 accounts (Administrateur the local admin, and
> Administrator the admin of my XP Client) I tried with two clients :
Windows
> XP Pro US and the Windows 2000 directly...
> I get an error message in IE : the page cannot be displayed ...
>
> In the SquidNT log i found :
> 1062618185.984 0 192.168.1.2 TCP_DENIED/407 1690 GET
> http://www.google.fr/ - NONE/- text/html
> 1062618186.031 31 192.168.1.2 TCP_DENIED/407 1702 GET
> http://www.google.fr/ - NONE/- text/html
>
> I repeat with basic, it's work perfectly...
>
> Any idea ??
>
> Thanks
>
> Nicko
>
>
>
Received on Sat Sep 06 2003 - 08:37:00 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:19:34 MST