Squid proxy and Windows 2008 R2

Hello everyone, I have a problem :pensive: .
I set the Nethserver as a member of domain (Windows 2008 R2) and file server. Everything works perfectly: I create shares and grant rights to groups / Windows users.

wbinfo -g and wbinfo -u return the groups and users list from AD.

After I installed the service proxy ā€œauthenticatedā€.
When calling a site from browser, it requires user and password but does not accept any value.

In /var/log/squid/cache.log I have this error:

6/24/2015 0:08:08 KID1 | Accepting HTTP Socket connections at local = [::]: 3128 remote = [::] FD 12 flags = 9
6/24/2015 0:08:09 KID1 | storeLateRelease: released 0 objects
6/24/2015 1:13:32 KID1 | Starting new negotiateauthenticator helpers ...
6/24/2015 1:13:32 KID1 | helperOpenServers: Starting 1/10 'negotiate_kerberos_auth' processes
6/24/2015 1:13:32 KID1 | ERROR: Negotiate Authentication validating user. Error returned 'BH received type 1 NTLM token'
6/24/2015 1:17:18 KID1 | ERROR: Negotiate Authentication validating user. Error returned 'BH received type 1 NTLM token'
6/24/2015 1:17:22 KID1 | ERROR: Negotiate Authentication validating user. Error returned 'BH received type 1 NTLM token'

I searched and searched but ā€¦ no solution. Any ideas?
thanks

Yes! Enable testing repo in NethServer repo list, and install updates , there is a new KERB update on proxy!

Thanks for your answer!

I enabled the testing repo (on /etc/yum.repos.d/NethServer.repo) and I upgraded.
The squid version now is

squid -v
Squid Cache: Version 3.3.13

It is my first experience with yum (I always used apt).

I tried

yum --enablerepo = nethserver-testing update nethserver-firewall-base-base nethserver nethserver-squid
Loaded plugins: changelog, fastestmirror, nethserver_events soon
Setting up Update Process
Loading mirror speeds from cached HostFile

but the situation does not change.

because you didnā€™t update/upgrade any package

try

yum --enablerepo = nethserver-testing list *kerb*

and see if there are any packageā€¦ if so

yum --enablerepo = nethserver-testing update packagename

yum update -y
nethserver-squid noarch 1.3.6-1.ns6
nethserver-squidguard noarch 1.3.1-1.ns6

never user -y flag with testing repo enabled, itā€™s a bad habit

and, generally speaking, never use -y flag using yumā€¦

i trust NethServer dev team :slight_smile:

Now it works perfectly .
( before the update )

I had two problems .
The first was related to the settings of the browser : the proxy must be indicated with FQN , with IP not working .
The second was related to the client with Windows 2003, which still does not work while the windows 8 pc work properly .

Thanks

@enzoturri its cool , dance :slight_smile:

1 Like

with all the respect I owe to them, when I install anything on my servers, before doing it, I read WHAT will be installed (or updated o removed)ā€¦

dependencies are evil, remember

I saw ā€œyum -y remove packageā€ destroy a serverā€¦ package was not a important package itself, its dependencies wereā€¦

YMMV

threr is no EPEL , only NS repo , it couldnot be harmfull and if is a bug , write bug report and i shure it will be close :slight_smile:
http://dev.nethserver.org/projects/nethserver/repository/nethserver-squid

my point of view is differentā€¦

first rule of a sysadm is ā€œtrust no one, neither yourself (memory, sight, knowledge)ā€

YMMV

1 Like

it is true for Linux system at all , but when you setup OpenWRT or NS that contains only trusted repo , you should not worry!

:heart_eyes:
BTW @zamboniā€™s point of view is justified

youā€™re a young boy, only time will tell/teach :wink:

topic closed for me

not so young , but we helped topic starter ! @alefattorini Close topic pls .

I work in a virtual machine specific for this test ā€¦ with many restore points .
We can close the topic.

I repeat the steps on a clean machine.
thanks @nas @zamboni

@alessio should we add a ā€œSolvedā€ tag to the topic title?

Tag added and topic closed. Next Discourse version will have that