Elvar wrote:
I know I'm beating a dead dog asking about this but I still haven't
seen a resolution. Can anyone out there tell me how to fix this? When
this happens my users cannot get past the Squid proxy and are
presented with an authentication popup window in their browser which
does not let them past until the 200 connections limit is no longer
maxed out. There are probably 500 computers total at this facility and
sometimes more than 200 connections is needed.
That doesn't sound right... Squid aggressively caches the lookups so
that winbind doesn't have to keep doing it - you really shouldn't be
hitting that limit. Check your "credentialsttl" settings - they should
be 2hours or the like.
Argh. I've just google'd this: it only applies to Basic auth. I bet
you're using NTLM? Due to the hokey way (technical term ;-) NTLM works,
Squid can't cache the lookups as much (from a posting in 2003 - can't
find anything newer).
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
