Authenticatenegotiatehandlereply error validating user via negotiate

Error returned 'BH gss_acquire_cred() failed: No credentials were supplied, or the credentials were unavailable or inaccessible..

RU dns_lookup_kdc = yes dns_lookup_realm = yes default_keytab_name = HTTP_webproxy.keytab kdc_timesync = 1 ticket_lifetime = 24h forwardable = true proxiable = true # for win2008 default_tgs_enctypes = aes256-cts-hmac-sha1-96 rc4-hmac des-cbc-crc des-cbc-md5 default_tkt_enctypes = aes256-cts-hmac-sha1-96 rc4-hmac des-cbc-crc des-cbc-md5 permitted_enctypes = aes256-cts-hmac-sha1-96 rc4-hmac des-cbc-crc des-cbc-md5 [realms] DOMAIN. RU --kerberos /usr/lib/squid3/squid_kerb_auth -d -i -s GSS_C_NO_NAME # maximum number of authenticator processes to spawn auth_param negotiate children 10 auth_param negotiate keep_alive off http_access allow AUTH http_access deny all squid_kerb_auth: ERROR: gss_accept_sec_context() failed: Unspecified GSS failure. authenticate Negotiate Handle Reply: Error validating user via Negotiate.

latest log: 2013/12/22 | squid_kerb_auth: ERROR: gss_acquire_cred() failed: Unspecified GSS failure. 2013/12/22 | squid_kerb_auth: INFO: User not authenticated 2013/12/22 | authenticate Negotiate Handle Reply: Error validating user via Negotiate.

Error returned 'BH gss_acquire_cred() failed: Unspecified GSS failure. ' 2013/12/22 | squid_kerb_auth: DEBUG: Got 'YR YIIFGg YGKw YBBQUCo IIFDj CCBQqg JDAi Bgkqhki C9x IBAg IGCSq GSIb3Eg ECAg YKKw YBBAGCNw ICCq KCBOAEgg Tc YIIE2AYJKo ZIhvc SAQICAQBugg THMIIEw6ADAg EFo QMCAQ6i Bw MFACAAAACjgg Pu YYID6j CCA ag Aw IBBa EPGw1ERUVQTEF ZRVIu Q09Noigw Jq ADAg ECo R8w HRs ESFRUUBs Vc HJve Hkw Mi5k ZWVwb GF5ZXIu Y29to4IDoj CCA56g Aw IBF6EDAg EPoo IDk ASCA4x YMd5ZQQj XOr NC15UCPB xft E/133s2qkj3/9qc0q XXu Eqs ZJA0ACwn5PI6bu99V/Om WO1h5Qrz5VLE0Kcsn08f J1e Nfp R3pz Chn Cl3zq9L8DJVnhmr TI0R0z/WWq Tno Ft AOk W9l N db JRhs Nr Qc7Ifbo Sd YGFk HXk RMdn HFtd Uv9ts11dr DGse Ug U0xl5Bs OSbvq Fz LYXr00s1F4 4sc2q TRe Rflo E b Hc f Ke FFFb F4O6zpv8re Gp JKAAlm1no FYGzg H84PI0npon5cz3pwy6b SR5e8A1l QDaid24Yns5i6l3N8b Hpwqh Vi2s Jre Ng XQz RQfbdqo9TEw FGAURip81F/8tgjt Yq Mtv Gt/z OBqr8Rf UNl Ks CE8 DJ6FUu54gy7y Ax Jh IOY7q ZAP1rf NGZYd QOMw Raj Au VO22Ga V DOqy N7p LX6i53PM01Jwx Xh RZQWL 56M31Ot Mx IWCzjw/LMr7Owl Gjx6akr41Bfc GJjqc5Y/mm4Nbi AXyup Sl1u BVLRv Ioi93Rpa Bl Fpdns 9C10Dga R6ZRh w1DFy AFs0ff Fw7Zd XGfi Tx Q6Vf3AQ5CBOXMVxrb18f7/5Zk MRiy DUEz PGZw WK2l HAQ 0/Wq 2IS Ddeqrqt6fkcis XNn72Cicin NZa KXITcbl J0o CYOdi SQPw Ft KPp AEtqoru1DBRku HF0F3d WGHZFb LUx Fs WGz7VHXy Ux Cav Oi9m X1YJg WJYy RZcrb EDU /433LLil/Sx Guy ARHHQ6ECw Uzifjzzp3s U7/PKNT2ke BDO4dr Tu R9C pj Uyv4hzo Zp WKEDK SHy CEij DELSO5ug6n16Sntlsdl4GF/Rrt Fw Jhy29 o DZ36V2fz Gxu NNz Rz UGBRY8 f Nqx Ls Do R7325Jtwm Pe8fs Rigaqc0Yck82l5ks TPa Ckh2kh Cz7LBj MKXXu E6e Dh RXaiwce VCWUsop TDi KNra Vx ELf Vn SLE1gmf4jc6Dr5TWWy2emj/xx TX2s9UZo6zo Kv XJHckchs O13glo3wf Aqk Ddh Vs55BXr Le8Fb FPhr3q P64Qi Xyg/Y3r63Mz0ypbr Xtj6Lx/LCgs FD7Jvce HU L9xb KT4Qx3p Go b L1nkmpe Ew X u Us8cfd OAWwr1so ADt Bv/ehyjd9r Qt Vbb OO/e ZTXy Fk4mi S7x VGYsma Lcwrej RZyn Nk Ozqjw IYSIwn Zusuzjckzyv HTu GJWV5MJ5GES6SBuz CBu KADAg EXoo Gw BIGt Bz5un RKYDFz HSAXV3j9y1t Dc KNst559K3Im Q8YWOTaouv3 GIPta8 AIIowgdz PHt F5b VDTDQacn Vm Yr CB 39t L f97ZU i DFRqt LDh15GBLkv XWccdtu FRHOKPAPI3d J7H7Y8w4ku 4L2Qd KY4tw JKFb Ab2j1/Uuv8Q4T9E5z3h5 b A2g Mwm CJEu JFGwghn7zi6w Stf5Ovdgq5Yeh SLD0h/1FBZkf GH4ZOOl Q=' from squid (length: 1751).

EXAMPLE (arcfour-hmac) I can run kinit -k HTTP/proxy-dev-k.domain.example_at_DOMAIN. My squid config is been cut down to be simple: visible_hostname proxy-dev.domain.example auth_param negotiate program /usr/lib64/squid/squid_kerb_auth -i -d -s HTTP/proxy-dev-k.domain.example_at_DOMAIN.

I think the AD should be made compatible with every version of windows, not only with windows 20.I should make more tests to be sure that was on of the problems.Now, I see the negotiate, and the ticket received seems far better (logs below).tail -f /var/log/squid/2015/03/05 | authenticate Negotiate Handle Reply: Error validating user via Negotiate.Error returned 'BH received type 1 NTLM token' 2015/03/05 | authenticate Negotiate Handle Reply: Error validating user via Negotiate.

Search for authenticatenegotiatehandlereply error validating user via negotiate:

authenticatenegotiatehandlereply error validating user via negotiate-79authenticatenegotiatehandlereply error validating user via negotiate-42authenticatenegotiatehandlereply error validating user via negotiate-70

This guide originally showed you how to configure Squid to authenticate with Pam.

Leave a Reply

Your email address will not be published. Required fields are marked *

One thought on ā€œauthenticatenegotiatehandlereply error validating user via negotiateā€