[Samba] Called NTLMSSP after state machine was 'done'
Carlos Zottmann
carlos.zottmann at gmail.com
Wed May 31 13:11:44 GMT 2006
Andrew,
After some more tests, I am having the sense that using 'use_ntlm_negotiate
on' is slowing down Squid. I don´t have any data to support this, though.
Are there any reports about it?
Thanks in advance,
Carlos.
2006/5/4, Carlos Zottmann <carlos.zottmann at gmail.com>:
>
> Hi !!
>
> I have set 'use_ntlm_negotiate on' in squid.conf and it seems to have
> solved the problem. I am not using this proxy server in the production
> environment yet, but in the tests we conducted the problem didn´t show up
> anymore ...
>
> Thanks!!
> Carlos.
>
> 2006/5/3, Carlos Zottmann <carlos.zottmann at gmail.com>:
>
> > Hi !!
> >
> > Thanks for the answer, Andrew ...
> >
> > I have used both IE 6.0 and Firefox 1.5.0.2, and got the same problem
> > with both.
> > I will set 'use_ntlm_negotiate' in squid.conf and will let you know the
> > results ..
> >
> > Thanks again !!
> > Carlos.
> >
> > 2006/5/3, Andrew Bartlett <abartlet at samba.org>:
> > >
> > > On Tue, 2006-05-02 at 17:46 -0300, Carlos Zottmann wrote:
> > > Hi !!
> > >
> > > I am installing Squid-2.5 Stable 13, on a FedoraCore 5 x86_64 machine,
> > doing
> > > ntlm authentication through Samba 3.0.22, wich was installed via rpm.
> > >
> > > Everything is working fine except that the browser every now and then
> > asks
> > > for the username and password.
> >
> > Which browser?
> >
> > > I have done some basic samba tests, like wbinfo -t, wbinfo -u and
> > wbinfo -g,
> > > and everthing worked ok.
> > >
> > > Looking at squid´s cache.log , I found the following error:
> > >
> > > [2006/05/02 11:33:00, 1] libsmb/ntlmssp.c:ntlmssp _update(231)
> > > Called NTLMSSP after state machine was 'done'
> > >
> > > Have anyone run into this yet?
> >
> > I wonder if the issue is due to some change at our end. We may have
> > broken support where 'use_ntlm_negotiate' isn't set (in the squid
> > configuration). This option permits better security in any case, so
> > give it a try.
> >
> > Andrew Bartlett
> > --
> > Andrew Bartlett
> > http://samba.org/~abartlet/ <http://samba.org/%7Eabartlet/>
> > Authentication Developer, Samba Team http://samba.org
> > Student Network Administrator, Hawker College http://hawkerc.net
> >
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.2.2 (GNU/Linux)
> >
> > iD8DBQBEWHQHz4A8Wyi0NrsRAsg4AKCUlXThk6RMQYgEEBZ2SSIFvKsuJgCfdJSZ
> > AG5sUyIVIOobjSnMytQ2xN8=
> > =/4LS
> > -----END PGP SIGNATURE-----
> >
> >
> >
> >
>
More information about the samba
mailing list