Squid proxy and Windows 2008 R2

Hello everyone, I have a problem :pensive: .
I set the Nethserver as a member of domain (Windows 2008 R2) and file server. Everything works perfectly: I create shares and grant rights to groups / Windows users.

wbinfo -g and wbinfo -u return the groups and users list from AD.

After I installed the service proxy “authenticated”.
When calling a site from browser, it requires user and password but does not accept any value.

In /var/log/squid/cache.log I have this error:

6/24/2015 0:08:08 KID1 | Accepting HTTP Socket connections at local = [::]: 3128 remote = [::] FD 12 flags = 9
6/24/2015 0:08:09 KID1 | storeLateRelease: released 0 objects
6/24/2015 1:13:32 KID1 | Starting new negotiateauthenticator helpers ...
6/24/2015 1:13:32 KID1 | helperOpenServers: Starting 1/10 'negotiate_kerberos_auth' processes
6/24/2015 1:13:32 KID1 | ERROR: Negotiate Authentication validating user. Error returned 'BH received type 1 NTLM token'
6/24/2015 1:17:18 KID1 | ERROR: Negotiate Authentication validating user. Error returned 'BH received type 1 NTLM token'
6/24/2015 1:17:22 KID1 | ERROR: Negotiate Authentication validating user. Error returned 'BH received type 1 NTLM token'

I searched and searched but … no solution. Any ideas?

Yes! Enable testing repo in NethServer repo list, and install updates , there is a new KERB update on proxy!

Thanks for your answer!

I enabled the testing repo (on /etc/yum.repos.d/NethServer.repo) and I upgraded.
The squid version now is

squid -v
Squid Cache: Version 3.3.13

It is my first experience with yum (I always used apt).

I tried

yum --enablerepo = nethserver-testing update nethserver-firewall-base-base nethserver nethserver-squid
Loaded plugins: changelog, fastestmirror, nethserver_events soon
Setting up Update Process
Loading mirror speeds from cached HostFile

but the situation does not change.

because you didn’t update/upgrade any package


yum --enablerepo = nethserver-testing list *kerb*

and see if there are any package… if so

yum --enablerepo = nethserver-testing update packagename

yum update -y
nethserver-squid noarch 1.3.6-1.ns6
nethserver-squidguard noarch 1.3.1-1.ns6

never user -y flag with testing repo enabled, it’s a bad habit

and, generally speaking, never use -y flag using yum…

i trust NethServer dev team :slight_smile:

Now it works perfectly .
( before the update )

I had two problems .
The first was related to the settings of the browser : the proxy must be indicated with FQN , with IP not working .
The second was related to the client with Windows 2003, which still does not work while the windows 8 pc work properly .


@enzoturri its cool , dance :slight_smile:

1 Like

with all the respect I owe to them, when I install anything on my servers, before doing it, I read WHAT will be installed (or updated o removed)…

dependencies are evil, remember

I saw “yum -y remove package” destroy a server… package was not a important package itself, its dependencies were…


threr is no EPEL , only NS repo , it couldnot be harmfull and if is a bug , write bug report and i shure it will be close :slight_smile:

my point of view is different…

first rule of a sysadm is “trust no one, neither yourself (memory, sight, knowledge)”


1 Like

it is true for Linux system at all , but when you setup OpenWRT or NS that contains only trusted repo , you should not worry!

BTW @zamboni’s point of view is justified

you’re a young boy, only time will tell/teach :wink:

topic closed for me

not so young , but we helped topic starter ! @alefattorini Close topic pls .

I work in a virtual machine specific for this test … with many restore points .
We can close the topic.

I repeat the steps on a clean machine.
thanks @nas @zamboni

@alessio should we add a “Solved” tag to the topic title?

Tag added and topic closed. Next Discourse version will have that