Jason Haar wrote:
Elvar wrote:
I know I'm beating a dead dog asking about this but I still haven't
seen a resolution. Can anyone out there tell me how to fix this? When
this happens my users cannot get past the Squid proxy and are
presented with an authentication popup window in their browser which
does not let them past until the 200 connections limit is no longer
maxed out. There are probably 500 computers total at this facility
and sometimes more than 200 connections is needed.
That doesn't sound right... Squid aggressively caches the lookups so
that winbind doesn't have to keep doing it - you really shouldn't be
hitting that limit. Check your "credentialsttl" settings - they should
be 2hours or the like.
Argh. I've just google'd this: it only applies to Basic auth. I bet
you're using NTLM? Due to the hokey way (technical term ;-) NTLM
works, Squid can't cache the lookups as much (from a posting in 2003 -
can't find anything newer).
Jason,
You are right, I'm using NTLM to authenticate everyone to the AD domain.
Thanks for taking the time to read and reply though.
Kind regards,
Elvar
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
