[squid-users] Squid 2.5 with NTLM Auth (Samba3) Locking out Accounts in Active Directory

From: Anthony Giggins <[email protected]>
Date: Tue, 20 Apr 2004 12:17:32 +1000

We are currently having an issue with account lock-outs which appear to be caused intermittantly by squid. It seems to mostly affect users logging into secure sites (ie. hotmail etc) but it doesn't seem to souly affect secure sites.

We're running Redhat 9.0 and squid 2.5/samba 3.0 was installed from source following the procedure below

http://itmanagers.net/article-4--0-0.html (not sure if this link is currently working)

Active Directory is currently running 3 Domain controllers all on Windows 2000 Server's

the uses seem to get prompted for basic Authentication when they're accounts get locked

Below are some messages from the /var/log/messages which from the forum archives seem that these aren't an issue

Apr 20 12:01:38 server winbindd[1220]: process_loop: Invalid request size from pid 28089: 1304 bytes sent, should be 1568
Apr 20 12:06:43 server winbindd[1220]: [2004/04/20 12:06:43, 0] libsmb/cliconnect.c:cli_session_setup_spnego(683)
Apr 20 12:06:43 server winbindd[1220]: Kinit failed: Cannot contact any KDC for requested realm
Apr 20 12:11:43 server winbindd[1220]: [2004/04/20 12:11:43, 0] libsmb/cliconnect.c:cli_session_setup_spnego(683)
Apr 20 12:11:43 server winbindd[1220]: Kinit failed: Cannot contact any KDC for requested realm

how can I troubleshoot the issue?
Received on Mon Apr 19 2004 - 20:15:52 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:02 MDT