Hi Marko,
Squid's kerberos helper has debug mode. Just add '-d' switch to
'auth_param negotiate program /usr/sbin/squid_kerb_auth' string in
squid.conf file.
Also here are some useful information and tips:
http://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos#Troubleshooting_Tools
Best wishes,
Pavel
On 10/14/2013 06:10 PM, Marko Cupać wrote:
I am trying to set up kerberos authentication in the following environment:
Kerberos server: Windows 2008 R2 domain controller
Proxy OS: FreeBSD 9.2-RELEASE amd64
Squid version: squid-3.3.9
The problem is the fact that kerberos authentication sporadically starts
to work (no auth popups, cache log shows username of authenticated user)
without any apparent reason, and then later it stops working (popping up
auth window) showing the following in cache.log:
2013/10/14 17:00:10 kid1| ERROR: Negotiate Authentication validating user.
Error returned 'BH gss_acquire_cred() failed: No credentials were supplied, or
the credentials were unavailable or inaccessible.. unknown mech-code 0 for mech
unknown'
I have no idea how to start troubleshooting. Any tips?
