On 8/12/2015 4:00 p.m., Marcio Demetrio Bacci wrote:
> I have changed my authentication block as below, but is not working.
>
> The proxy user is a Read Only Domain Controller member. The password is
> correct.
>
> Samba4, krb5-user and winbindd are installed and work perfectly. Do I need
>
On 8/12/2015 7:44 p.m., Alex Samad wrote:
> Hi
>
> Currently using 3.1 (from centos 6)
> I have setup squid to auth against MS AD
>
> I have
> # ###
> # Negotiate
> # ###
>
> # http://wiki.squid-cache.org/Features/Authentication
> #
On 8/12/2015 7:35 p.m., Alex Samad wrote:
> Hi
>
> Any suggestions on how to debug this... I wouldn't mind rolling
> forward to 3.5 again
>
Some ideas inline. The main ones are:
* re-enable cache.log. It is not optional.
* try an upgrade to 3.5.12. There were some regressions in the .10/.11
On Tue, Dec 8, 2015 at 6:14 PM, Marcio Demetrio Bacci
wrote:
> Hi
>
> In the Squid Server, I want only basic authentication.
>
> The command:
>
> /usr/lib/squid3/basic_ldap_auth \
>-b cn=users,dc=empresa,dc=com,dc=br \
>-D cn=proxy,cn=users,dc=empresa,dc=com,dc=br
Hi
So what your saying is I should install the mskutil and let it manage
the squid krb keytab file.
Could you possible help with the changed to the squid.conf file do I
leave as is and just add kerberos first ?
On 8 December 2015 at 20:03, Amos Jeffries wrote:
> On
Hi,
The issue appears if you use the same AD account for samba and the
kerberos keytab creation. As samba will reset the password of the AD
account and thereby invalidate the extracted keytab.
Markus
"Alex Samad" wrote in message
Hi Alex,
Yes I talk about the AD computer account password.
Markus
"Alex Samad" wrote in message
news:CAJ+Q1PVw1rrSvMUjzqbp_QNUAVwN=r7rqrg0lt94hv3v3o9...@mail.gmail.com...
so when I do kinit I should use a different account to the samba one.
I'm lost sorry.
when I attach with winbind,
Hi All,
I've read a few articles that indicate squid-3.5 and below doesn't support
ssl-bump'ing ECDHE ciphers.
Is this correct? If so, is it possible to create/structure acl and ssl-bump
rules to splice on unsupported ciphers?
I've looked through the available ACL options and doesn't seem
so when I do kinit I should use a different account to the samba one.
I'm lost sorry.
when I attach with winbind, I kinit with my personal admin account and
also do a net ads join -U .
the password on the doesn't / hasn't changed.
are you talking about the computer account password ?
if so,
Hi,
I changed the parameter, but I received the following error:
basic_ldap_auth: WARNING, LDAP search error 'Operations error'
ERR Success
The command line used:
/usr/lib/squid3/basic_ldap_auth \
-b dc=empresa,dc=com,dc=br \
-D cn=proxy,cn=users,dc=empresa,dc=com,dc=br -w test_12345 \
On 9/12/2015 1:59 p.m., Michael Hendrie wrote:
> Hi All,
>
> I've read a few articles that indicate squid-3.5 and below doesn't support
> ssl-bump'ing ECDHE ciphers.
>
> Is this correct?
That is correct.
> If so, is it possible to create/structure acl and ssl-bump rules to splice on
>
Hey Patrick,
Can you use some paste for the conf?(maybe http://fpaste.org/) it is
really unclear.
I am almost sure you are using the windows version so what version are
you using? where did you got it from?
Basically in some cases it is expected from the proxy to slow down the
connection
On 9/12/2015 1:50 p.m., Patrick Flaherty wrote:
> Hi,
>
>
>
> My Squid Server is much slower to go through than direct access to the
> internet. I would expect it to be slower but not dramatically slower. Any
> tips to speed it up? It's only used to access 8 whitelisted domains. I am
> not
13 matches
Mail list logo