Cannot login using active directory members

Hi,

I have joined nethserver 6.7 to active directory as a member. I have added filter for AD user and set webproxy as authenticated. But I am unable login a from browser Its not accepting credentials.

Thank you,
Vasu,

Please show us some logs :wink:

Thanks for reply.
Please specify the location where can I get the log files and also what are the log files I need to provide you.

-vasu

any update regarding the issue.please specify which logs I have display here.

Make sure you clients access the proxy using the fully qualified domain name and not the ip address.
Then enable the debug by removing the comment from this line in /etc/squid/squid.conf:
#debug_options ALL,1 33,2 28,9

Try to authenticate with a client and then search /var/log/squid/cache.log for any error.

Log Data:

Reconfiguring Squid Cache (version 3.3.13)… 2016/05/27 12:26:15 kid1| Closing HTTP port [::]:3128 2016/05/27 12:26:15 kid1| Logfile: closing log daemon:/var/log/squid/access.log 2016/05/27 12:26:15 kid1| Logfile Daemon: closing log daemon:/var/log/squid/access.log 2016/05/27 12:26:15 kid1| Startup: Initializing Authentication Schemes … 2016/05/27 12:26:15 kid1| Startup: Initialized Authentication Scheme ‘basic’ 2016/05/27 12:26:15 kid1| Startup: Initialized Authentication Scheme ‘digest’ 2016/05/27 12:26:15 kid1| Startup: Initialized Authentication Scheme ‘negotiate’ 2016/05/27 12:26:15 kid1| Startup: Initialized Authentication Scheme ‘ntlm’ 2016/05/27 12:26:15 kid1| Startup: Initialized Authentication. 2016/05/27 12:26:15 kid1| Processing Configuration File: /etc/squid/squid.conf (depth 0) 2016/05/27 12:26:15 kid1| Warning: empty ACL: acl no_cache dstdomain “/etc/squid/acls/no_cache.acl” 2016/05/27 12:26:15 kid1| WARNING: use of ‘reload-into-ims’ in ‘refresh_pattern’ violates HTTP 2016/05/27 12:26:15 kid1| Initializing https proxy context 2016/05/27 12:26:15 kid1| Logfile: opening log daemon:/var/log/squid/access.log 2016/05/27 12:26:15 kid1| Logfile Daemon: opening log /var/log/squid/access.log 2016/05/27 12:26:15 kid1| Squid plugin modules loaded: 0 2016/05/27 12:26:15 kid1| Adaptation support is off. 2016/05/27 12:26:15 kid1| Store logging disabled 2016/05/27 12:26:15 kid1| DNS Socket created at [::], FD 10 2016/05/27 12:26:15 kid1| DNS Socket created at 0.0.0.0, FD 11 2016/05/27 12:26:15 kid1| Adding domain localdomain from /etc/resolv.conf 2016/05/27 12:26:15 kid1| Adding domain localdomain from /etc/resolv.conf 2016/05/27 12:26:15 kid1| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2016/05/27 12:26:15 kid1| helperOpenServers: Starting 5/20 ‘squidGuard’ processes 2016/05/27 12:26:16 kid1| helperOpenServers: Starting 0/10 ‘negotiate_kerberos_auth’ processes 2016/05/27 12:26:16 kid1| helperStatefulOpenServers: No ‘negotiate_kerberos_auth’ processes needed. 2016/05/27 12:26:16 kid1| helperOpenServers: Starting 0/30 ‘ntlm_auth’ processes 2016/05/27 12:26:16 kid1| helperStatefulOpenServers: No ‘ntlm_auth’ processes needed. 2016/05/27 12:26:16 kid1| HTCP Disabled. 2016/05/27 12:26:16 kid1| Loaded Icons. 2016/05/27 12:26:16 kid1| Accepting HTTP Socket connections at local=[::]:3128 remote=[::] FD 22 flags=9 2016/05/27 12:28:06 kid1| Starting new negotiateauthenticator helpers… 2016/05/27 12:28:06 kid1| helperOpenServers: Starting 1/10 ‘negotiate_kerberos_auth’ processes 2016/05/27 12:28:06 kid1| ERROR: Negotiate Authentication validating user. Error returned ‘BH received type 1 NTLM token’ 2016/05/27 12:28:06 kid1| ERROR: Negotiate Authentication validating user. Error returned ‘BH received type 1 NTLM token’ 2016/05/27 12:28:12 kid1| ERROR: Negotiate Authentication validating user. Error returned ‘BH received type 1 NTLM token’ 2016/05/27 12:28:25 kid1| ERROR: Negotiate Authentication validating user. Error returned ‘BH received type 1 NTLM token’ 2016/05/27 12:28:38 kid1| ERROR: Negotiate Authentication validating user. Error returned ‘BH received type 1 NTLM token’ 2016/05/27 12:28:41 kid1| ERROR: Negotiate Authentication validating user. Error returned ‘BH received type 1 NTLM token’