Hi Markus
This problem is solved now. I rebootet the client, which results in
clearing the client-kerberos cache. Now I'm able to authenticate and I
can use the squid_kerb_ldap-helper.
Thanks a lot for your hints.
Regards
Tom
2010/7/1 Tom Tux tomtu...@gmail.com:
Hi Markus
Thank you.
So,
Hello list,
I just wanted to post the results with valgrind.
Unfortunately the memcheck thread needs so much CPU that I could not
put a high load on the squid as maximum only about 5-10 req/s.
# ./squid -v
Squid Cache: Version 3.1.3
configure options: '--prefix=/appl' '--localstate=/var'
Sorry for my late reply, Henrik. I want to be able to use an empty
realm because we use Digest Auth in conjunction with an LDAP backend.
In this LDAP backend the admin can specifiy combinations of
realm:password or realm:H(A1). The empty realm would thus lead
to either password or H(A1) standing
Hi
I've found several documents describing that IE6 SP1 doesn't support
kerberos-authentication and other documents like
http://support.microsoft.com/kb/299838 which describes a solution, how
I can enable the kerberos-authentication in IE6.
I've enabled it and rebootet the client, but I'm not
Hi,
Sorry, You cannot.
IE6 supports Kerberos Auth only for Web server authentication, not for proxy
Authentication.
Kerberos support for proxy authentication was first added in IE7, but you
cannot use it on Windows 2000
On Windows 2000 Firefox works fine with Kerberos proxy
Good Morning!!!,
Amos thx for yur answer.
Now i'm facing a new problem at start of compiling:
In file included from md5.c:34:
../md5.h:27: error: expected specifier-qualifier-list before ‘UINT4’
../md5.h:36: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before
‘PROTO_LIST’
Hi,
I'm facing these error message when I do a make to compile Squid 3.1.4:
In file included from md5.c:34:
../md5.h:27: error: expected specifier-qualifier-list before ‘UINT4’
../md5.h:36: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before
‘PROTO_LIST’
../md5.h:37: error: expected
Khaled Blah wrote:
Sorry for my late reply, Henrik. I want to be able to use an empty
realm because we use Digest Auth in conjunction with an LDAP backend.
In this LDAP backend the admin can specifiy combinations of
realm:password or realm:H(A1). The empty realm would thus lead
to either
Luis Daniel Lucio Quiroz wrote:
Hi
I wonder if there is a specifiq way to identify what sites has been logged by
a dns resolution error?
Not easily in the current Squid. A logging upgrade is underway for the
future release to record error pages sent.
Meanwhile your DNS server logs are
Luis Daniel Lucio Quiroz wrote:
Hi
I wonder if there is a specifiq way to identify what sites has been logged by
a dns resolution error?
Meh. Just sent off the other reply and thought of ipcache.
The squid ipcache records all DNS for a period, it lists the NXDOMAIN
lookups as N flagged
Hi Guido
OK, thank you for this answer.
I'm already using FireFox with W2K...and this works really fine.
Regards,
Tom
2010/7/1 Guido Serassio guido.seras...@acmeconsulting.it:
Hi,
Sorry, You cannot.
IE6 supports Kerberos Auth only for Web server authentication, not for proxy
Hi all,
If I want to deny the access, for example, to google and I want that every
google web site (in any language) cannot be accessed, can I write an acl
like the following?
--
acl googleDomains dstdom_regex -i .*\.google\..*
http_access deny googleDomains
--
or i have to use
You could have used a tool like kerbtray or just lock and unlock the PC
which would have refreshed the cache.
Regards
Markus
Tom Tux tomtu...@gmail.com wrote in message
news:aanlktiljgrnzru9wxivap0tj22onxaknjanbczlvs...@mail.gmail.com...
Hi Markus
This problem is solved now. I rebootet the
What is you access config ? Maybe you have a line which gives also
unauthenticated users access to hotmail.
BTW Do you want the workgroup users to have access after authentication ? I
tested that it might work if you provide via dhcp a WINS server which has an
entry for the Kerberos domain.
The normal digest ldap helper in plain text passord mode expects just the plain
text password in ldap, without realm.
If you store H(A1) value then it`s always realm specific. And to my knowledge
there is no basic auth helper capable of verifying to a H(A1) value but
technically it can be done
Hi
1) 1.2.1a is just a minor patch version to 1.2.1.
2) This happens only when you use the -d debug option
3) You can use the options -u BIND_DN -p BIND_PW -b BIND_PATH -l LDAP_URL
4) If they have different access needs then that is the only way. If they
have the same access right you can
Alberto Cappadonia wrote:
Hi all,
If I want to deny the access, for example, to google and I want that every
google web site (in any language) cannot be accessed, can I write an acl
like the following?
--
acl googleDomains dstdom_regex -i .*\.google\..*
http_access deny googleDomains
Babelo Gmvsdm wrote:
Hi,
I'm facing these error message when I do a make to compile Squid 3.1.4:
Please send reports of compile errors to squid-dev where the people who
can fix it reside.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.4
The Squid HTTP Proxy team is very pleased to announce the
availability of the Squid-3.1.5 release!
This release brings fixes for several bugs found in the previous release.
Users seeing unexpected re-authentication challenges with NTLM and
Kerberos are advised to check
19 matches
Mail list logo
