Hi,
I have setup kerberos according to: http://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActiveDirectory # klist Credentials cache: FILE:/tmp/krb5cc_0 Principal: HTTP/squid1.mdpt.local@MDPT.LOCAL Issued Expires Principal Feb 9 14:55:18 2015 Feb 10 00:55:18 2015 krbtgt/MDPT.LOCAL@MDPT.LOCAL Feb 9 14:55:20 2015 Feb 10 00:55:18 2015 HTTP/squid1.mdpt.local@MDPT.LOCAL # klist -v Credentials cache: FILE:/tmp/krb5cc_0 Principal: HTTP/squid1.mdpt.local@MDPT.LOCAL Cache version: 4 Server: krbtgt/MDPT.LOCAL@MDPT.LOCAL Client: HTTP/squid1.mdpt.local@MDPT.LOCAL Ticket etype: aes256-cts-hmac-sha1-96, kvno 3 Session key: aes128-cts-hmac-sha1-96 Ticket length: 1081 Auth time: Feb 9 14:55:18 2015 End time: Feb 10 00:55:18 2015 Ticket flags: enc-pa-rep, pre-authent, initial, forwardable Addresses: addressless Server: HTTP/squid1.mdpt.local@MDPT.LOCAL Client: HTTP/squid1.mdpt.local@MDPT.LOCAL Ticket etype: arcfour-hmac-md5, kvno 8 Ticket length: 1090 Auth time: Feb 9 14:55:18 2015 Start time: Feb 9 14:55:20 2015 End time: Feb 10 00:55:18 2015 Ticket flags: enc-pa-rep, pre-authent Addresses: addressless # ktutil -k /etc/krb5.keytab list /etc/krb5.keytab: Vno Type Principal Aliases 8 aes128-cts-hmac-sha1-96 HTTP/squid1.mdpt.local@MDPT.LOCAL When I try to test it with the following command I get the error: # /usr/local/libexec/squid/negotiate_kerberos_auth_test squid1.mdpt.local | awk '{sub(/Token:/,"YR"); print $0}END{print "QQ"}' | /usr/local/libexec/squid/negotiate_kerberos_auth -r -s HTTP/squid1.mdpt.local BH gss_accept_sec_context() failed: Miscellaneous failure (see text). unknown mech-code 2529639093 for mech unknown BH quit command I cannot find anything suitable for the error code. Could you, please, point me in the right direction? Any hint appreciated. regards, lk _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
