In addition you need to add an option to squid_kerb_auth -s GSS_C_NO_NAME
otherwise the module will expect a HTTP/<proxy-name>
Markus
"SPG" <spggps...@gmail.com> wrote in message
news:1369208281267-4660187.p...@n4.nabble.com...
Hi,
I've read a lot of post about kerberos and load balancers, but I don't have
clear the configuration. I have work one squid with kerberos, but now I want
balance the service. I think that correct configuration is:
1º - Create a account o computer acount in AD
loadbalancer.abg.local
2º - Create a DNS direct and reverse for loadbalancer.abg.local with ip
virtual of balancer
4º - ktpass -princ HTTP/loadbalancer.abg.local@ABG.LOCAL -mapuser
loadbalancer\loadbalancer -pass admin1234 -crypto rc4-hmac-nt -ptype
krb5_nt_principal -out squid.keytab
3º - Copy keytab in all squids and configure its
4º - Put in proxy pack
return "PROXY loadbalancer.abg.corp:8080; DIRECT";
A lot of thanks.
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Kerberos-load-balancer-and-AD-tp4660187.html
Sent from the Squid - Users mailing list archive at Nabble.com.
