Hello Amos, Thanks.
[squid.conf] auth_param ntlm program /usr/bin/ntlm_auth SUCOM_NET/MUSSURUNGA --helper-protocol=3Dsquid-2.5-ntlmssp auth_param ntlm children 20 # Quantidade de processos ntlm abertos #auth_param ntlm max_challenge_reuses 0 #auth_param ntlm use_ntlm_negotiate off #auth_param ntlm max_challenge_lifetime 5 minutes auth_param basic program /usr/bin/ntlm_auth SUCOM_NET/MUSSURUNGA --helper-protocol=3Dsquid-2.5-basic auth_param basic children 5 auth_param basic realm Proxy SUCOM_NET auth_param basic credentialsttl 2 hours I did not understand what should be done, please explain if you can get very grateful! On Wed, Jan 25, 2012 at 12:18 AM, Amos Jeffries <[email protected]> wrote: > > On 25.01.2012 13:24, João Paulo Ferreira wrote: >> >> Hello >> >> Sorry my English is not the same as good. >> >> I have installed in my company with Squid 3.1.4 (Winbind, Samba, Kerberos), >> but I have noticed the following message in the file caches.log >> * >> got NTLMSSP command 3, expected 1* >> > > This is a message NTLM helpers often produce when trying to handle Kerberos > packets. > > Without seeing the squid.conf auth_param settings you used it is hard to be > sure. > But I think you used Samba ntlm_auth and forgot the SPNEGO parameter to > change it from NTLM to Negotiate auth protocol. > ntlm_auth --helper-format=gss-spnego > > http://www.samba.org/samba/docs/man/manpages-3/ntlm_auth.1.html > > If that does not work use the squid_kerb_auth helper to perform > Negotiate/Kerberos. > > > PS. please also update to a more recent squid. 3.1.16 or later work a lot > better with NTLM. > > Amos -- Atenciosamente, João Paulo Ferreira Computer Science Student + 55 (71) 9297 - 1260 [email protected] "Nunca diga para Deus que você tem um grande problema, diga sim, para o seu problema que você tem um grande Deus."
