-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey Diego,
Can you take a look at the bug report and help pinpoint the issue please?
http://bugs.squid-cache.org/show_bug.cgi?id=3997
I am pretty sure it's unique to auth only but I want to verify that
external_acl helpers do not affect this issue.
On Sat, Oct 25, 2014 at 11:20 AM, Alan wrote:
> I had the same problem when I tried to move from 3.3 to 3.4. Because
> of this, I had to go back to 3.3.
>
> I don't remember the CPU being stuck at 100%, but it was certainly
> higher, and the Internet browsing experience was slower.
>
> I don't us
Hi Markus,
Yeah, it seemed so at the time. I tested with the same user on a Windows 7 and
2003 server. Worked fine on one and not the other. Since correcting permissions
on the keytab file it's working fine on both. Could also be a total coincidence
honestly. I've tried so many things I lost tr
Hi Pedro,
Good to know you solved it. From your post it sounded like XP worked and
Win 7 didn’t
Markus
"Pedro Lobo" wrote in message
news:75991cae-5f10-4635-b012-d372c27f8...@gmail.com...
Hi Markus,
I initially had it configured as such and changed it to auth_param negotiate
program /
I had the same problem when I tried to move from 3.3 to 3.4. Because
of this, I had to go back to 3.3.
I don't remember the CPU being stuck at 100%, but it was certainly
higher, and the Internet browsing experience was slower.
I don't use the NTLM helper, but I do use the Kerberos one, and also
Hi Markus,
I initially had it configured as such and changed it to `auth_param negotiate
program /usr/lib/squid3/negotiate_kerberos_auth -d -r -s
HTTP/proxy01tst.fake.net` as a troubleshooting step. I've since then changed it
back. Dan pointed out earlier that it could be a permissions problem,
Hi Pedro,
I wonder if he upper case in the name is a problem. Can you try
auth_param negotiate program /usr/lib/squid3/negotiate_kerberos_auth -d -r -s
GSS_C_NO_NAME
instead of
auth_param negotiate program /usr/lib/squid3/negotiate_kerberos_auth -d -r -s
HTTP/proxy01tst.fake.net
Markus
"
Hello, since Google switch definitely on SSL connection it seems there is no
way to filter semantic (with danguardian, squidguard or squid).
SSL Bump can help in this case, both on explicit or transparent proxying?
Is there another way to filter searches (and image searches!)?
Thank you!
France
Hi Dan,
Well now I feel incredibly stupid!!! Just checked and it seems something
must've changed the permissions on my keytab file (I did mention it was working
at one time). For some odd reason, although squid user and group both owned the
key tab file, only user had read permissions. I haven'
I was recently receiving this (incredibly vague) error. Turns out my squid user
didn’t have permission to read the keytab.
On Sat, Oct 25, 2014 at 8:37 PM, Pedro Lobo wrote:
> Hi Markus,
> I used msktutil to create the keytab.
> msktutil -c -s HTTP/proxy01tst.fake.net -h proxy01tst.fake.n
Hi Carlos,
Yeah, the Windows 7 machine is part of the domain. As for basic auth, I'll look
into setting that up too, although we were hoping to forgo it entirely.
On 25 Oct 2014, at 3:00, Carlos Defoe wrote:
> Windows 7 inside the domain?
>
> Anyway, you should configure a basic auth scheme as
Hi Markus,
I used msktutil to create the keytab.
msktutil -c -s HTTP/proxy01tst.fake.net -h proxy01tst.fake.net -k
/etc/squid3/PROXY.keytab --computer-name proxy01-tst --upn
HTTP/proxy01tst.fake.net --server srv01.fake.net --verbose
Output of klist -ekt:
2 10/24/2014 22:59:50
12 matches
Mail list logo
