Hi,
I have solved the Error 1054.Buy I also have this error.
Type: Error
User: N/A
Source: Application Error
Category: (100)
EventID: 1000
Description:
Faulting application mswin_ntlm_auth.exe, version 0.0.0.0, faulting module msvcrt.dll, version 7.0.3790.3959, fault address 0x00037e23.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
This is my configuration in squid.conf:
auth_param ntlm program c:/squid/libexec/mswin_ntlm_auth.exe -d
auth_param ntlm children 50
auth_param basic program c:/squid/libexec/mswin_ntlm_auth.exe -d
auth_param basic children 50
auth_param basic keep_alive on
auth_param ntlm keep_alive on
auth_param negotiate keep_alive on
auth_param basic credentialsttl 5 minutes
external_acl_type AD_global_group %LOGIN c:/squid/libexec/mswin_check_ad_group.exe -D cajadeburgos.des -G -d
acl GProxyUsers external AD_global_group c:/squid/etc/DomainUsers
acl dstcomun dstdomain "C:/squid/etc/comun.acl"
acl ntlm-users proxy_auth REQUIRED
http_access allow ntlm-users GProxyUsers
When a user open the first time a web page in a Browser, the user and domain are send and the proxy allow the web, but the next times the user and domain aren't send and the proxy don´t allow the web and in the event Viwer Aplication sow the EventID 1000.
It can see in the file access.log
1242042166.237 782 172.24.4.123 TCP_MISS/302 612 GET http://go.microsoft.com/fwlink/? dodes\administrator DIRECT/64.4.52.189 text/html
1242042166.831 593 172.24.4.123 TCP_MISS/403 1010 GET http://runonce.msn.com/runonce3.aspx dodes\administrator DIRECT/213.199.181.20 text/html
1242042177.426 0 172.24.4.123 TCP_DENIED/407 1782 GET http://www.google.es/ - NONE/- text/html
Thank you.
Verónica Delgado
Depto. Sistemas
CAJA DE BURGOS
C: 947 258 495
: vdelgado_at_cajadeburgos.es
-----Mensaje original-----
De: Guido Serassio [mailto:guido.serassio_at_acmeconsulting.it]
Enviado el: martes, 12 de mayo de 2009 19:46
Para: Delgado Contreras, Verónica; squid-users_at_squid-cache.org
Asunto: R: [squid-users] RE: Error with ntlm authentication
Hi,
The errors that you can see in the event log of your machine are not related to Squid, but are the symptom of some malfunction in the acces to AD from the machine itself.
So likely any ntlm problem could be related.
But, what is the helpers command line in squid.conf ?
Regards
Guido Serassio
Acme Consulting S.r.l. - Microsoft Certified Partner
Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY
Tel. : +39.011.9530135 Fax. : +39.011.9781115
Email: info_at_acmeconsulting.it
WWW: http://www.acmeconsulting.it/
> -----Messaggio originale-----
> Da: Delgado Contreras, Verónica [mailto:vdelgado_at_cajadeburgos.es]
> Inviato: martedì 12 maggio 2009 8.20
> A: squid-users_at_squid-cache.org
> Oggetto: [squid-users] RE: Error with ntlm authentication
>
>
> Hello,
>
> I´m testing Squid 3 for Windows. I try to configure squid with ntlm
> authentication but I have a error in event viewer-Application.
>
> Type: Error
> User: NT AUTHORITY\SYSTEM
> Computer: LOBO
> Source: Userenv
> Category: None
> Event ID: 1054
> Description:
> Windows cannot obtain the domain controller name for your computer network.
> (An unexpected network error occurred. ). Group Policy processing aborted.
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>
>
>
>
> And the “cache .log” show this:
>
>
>
> ntlm-auth[2828](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
> build Mar 6 2009, 23:32:18 starting up...
> ntlm-auth[2828](ntlm_auth.c:391): SSPI initialized OK
> ntlm-auth[796](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
> build Mar 6 2009, 23:32:18 starting up...
> ntlm-auth[796](ntlm_auth.c:391): SSPI initialized OK
> ntlm-auth[5620](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
> build Mar 6 2009, 23:32:18 starting up...
> ntlm-auth[5620](ntlm_auth.c:391): SSPI initialized OK
> ntlm-auth[2864](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
> build Mar 6 2009, 23:32:18 starting up...
> ntlm-auth[2864](ntlm_auth.c:391): SSPI initialized OK
> ntlm-auth[5644](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
> build Mar 6 2009, 23:32:18 starting up...
> ntlm-auth[5644](ntlm_auth.c:391): SSPI initialized OK
> 2009/05/11 12:56:47| helperOpenServers: Starting 5
> 'mswin_check_ad_group.exe' processes
> ntlm-auth[3248](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
> build Mar 6 2009, 23:32:18 starting up...
> ntlm-auth[3248](ntlm_auth.c:391): SSPI initialized OK
> ntlm-auth[5980](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
> build Mar 6 2009, 23:32:18 starting up...
> ntlm-auth[5980](ntlm_auth.c:391): SSPI initialized OK
> /mswin_check_ad_group.exe[3012]: Member of Domain DODES
>
> /mswin_check_ad_group.exe[3012]: Into forest cajadeburgos.des
>
> /mswin_check_ad_group.exe[3012]: External ACL win32 group helper build Mar
> 6 2009, 23:48:40 starting up...
>
> /mswin_check_ad_group.exe[3012]: Domain Global group mode enabled using
> 'cajadeburgos.de' as default domain.
>
> ntlm-auth[5664](ntlm_auth.c:385): c:/squid/libexec/mswin_ntlm_auth.exe
> build Mar 6 2009, 23:32:18 starting up...
> ntlm-auth[5664](ntlm_auth.c:391): SSPI initialized OK
> /mswin_check_ad_group.exe[1160]: Member of Domain DODES
>
> /mswin_check_ad_group.exe[1160]: Into forest cajadeburgos.des
>
> /mswin_check_ad_group.exe[1160]: External ACL win32 group helper build Mar
> 6 2009, 23:48:40 starting up...
>
> /mswin_check_ad_group.exe[1160]: Domain Global group mode enabled using
> 'cajadeburgos.de' as default domain.
>
> /mswin_check_ad_group.exe[3268]: Member of Domain DODES
>
> /mswin_check_ad_group.exe[3268]: Into forest cajadeburgos.des
>
> /mswin_check_ad_group.exe[3268]: External ACL win32 group helper build Mar
> 6 2009, 23:48:40 starting up...
>
> /mswin_check_ad_group.exe[3268]: Domain Global group mode enabled using
> 'cajadeburgos.de' as default domain.
>
> /mswin_check_ad_group.exe[5656]: Member of Domain DODES
>
> /mswin_check_ad_group.exe[5656]: Into forest cajadeburgos.des
>
> /mswin_check_ad_group.exe[5656]: External ACL win32 group helper build Mar
> 6 2009, 23:48:40 starting up...
>
> /mswin_check_ad_group.exe[5656]: Domain Global group mode enabled using
> 'cajadeburgos.de' as default domain.
>
> 2009/05/11 12:56:47| User-Agent logging is disabled.
> 2009/05/11 12:56:47| Referer logging is disabled.
> /mswin_check_ad_group.exe[3016]: Member of Domain DODES
>
> /mswin_check_ad_group.exe[3016]: Into forest cajadeburgos.des
>
> /mswin_check_ad_group.exe[3016]: External ACL win32 group helper build Mar
> 6 2009, 23:48:40 starting up...
>
> /mswin_check_ad_group.exe[3016]: Domain Global group mode enabled using
> 'cajadeburgos.de' as default domain.
>
> 2009/05/11 12:56:47| Unlinkd pipe opened on FD 428
> 2009/05/11 12:56:47| Local cache digest enabled; rebuild/rewrite every
> 3600/3600 sec
> 2009/05/11 12:56:47| Swap maxSize 1024000 KB, estimated 78769 objects
> 2009/05/11 12:56:47| Target number of buckets: 3938
> 2009/05/11 12:56:47| Using 8192 Store buckets
> 2009/05/11 12:56:47| Max Mem size: 8192 KB
> 2009/05/11 12:56:47| Max Swap size: 1024000 KB
> 2009/05/11 12:56:48| Version 1 of swap file with LFS support detected...
> 2009/05/11 12:56:48| Rebuilding storage in c:/squid/var/cache (CLEAN)
> 2009/05/11 12:56:48| Using Least Load store dir selection
> 2009/05/11 12:56:48| Set Current Directory to c:/squid/var/cache
> 2009/05/11 12:56:48| Loaded Icons.
> 2009/05/11 12:56:48| Accepting HTTP connections at 172.25.49.11, port 80,
> FD 434.
> 2009/05/11 12:56:48| HTCP Disabled.
> 2009/05/11 12:56:48| Ready to serve requests.
> 2009/05/11 12:56:48| Done reading c:/squid/var/cache swaplog (951 entries)
> 2009/05/11 12:56:48| Finished rebuilding storage from disk.
> 2009/05/11 12:56:48| 951 Entries scanned
> 2009/05/11 12:56:48| 0 Invalid entries.
> 2009/05/11 12:56:48| 0 With invalid flags.
> 2009/05/11 12:56:48| 951 Objects loaded.
> 2009/05/11 12:56:48| 0 Objects expired.
> 2009/05/11 12:56:48| 0 Objects cancelled.
> 2009/05/11 12:56:48| 0 Duplicate URLs purged.
> 2009/05/11 12:56:48| 0 Swapfile clashes avoided.
> 2009/05/11 12:56:48| Took 0.34 seconds (2766.19 objects/sec).
> 2009/05/11 12:56:48| Beginning Validation Procedure
> 2009/05/11 12:56:48| Completed Validation Procedure
> 2009/05/11 12:56:48| Validated 1927 Entries
> 2009/05/11 12:56:48| store_swap_size = 8024
> 2009/05/11 12:56:49| storeLateRelease: released 0 objects
> ntlm-auth[3376](ntlm_auth.c:227): Got 'YR
> TlRMTVNTUAABAAAAB7IIogUABQA3AAAADwAPACgAAAAFASgKAAAAD1czMDY0U0lTVEVNNDEyM0
> RPREVT' from Squid
> ntlm-auth[3376](ntlm_auth.c:183): attempting SSPI challenge retrieval
> ntlm-auth[3376](ntlm_auth.c:186): Got it
> ntlm-auth[3376](ntlm_auth.c:266): sending 'TT
> TlRMTVNTUAACAAAACgAKADgAAAAFgomiDSA9TjNm89EAAAAAAAAAAJQAlABCAAAABQLODgAAAA
> 9EAE8ARABFAFMAAgAKAEQATwBEAEUAUwABAAgATABPAEIATwAEACAAYwBhAGoAYQBkAGUAYgB1
> AHIAZwBvAHMALgBkAGUAcwADACoATABPAEIATwAuAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC
> 4AZABlAHMABQAgAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC4AZABlAHMAAAAAAA==' to
> squid
> ntlm-auth[3376](ntlm_auth.c:227): Got 'KK
> TlRMTVNTUAADAAAAGAAYAIoAAAAYABgAogAAAAoACgBIAAAAGgAaAFIAAAAeAB4AbAAAAAAAAA
> C6AAAABYKIogUBKAoAAAAPRABPAEQARQBTAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAVwAz
> ADAANgA0AFMASQBTAFQARQBNADQAMQAyADMAMpWZ5BGDLckAAAAAAAAAAAAAAAAAAAAA11H7te
> bZ4CuRk+g95Dm0zM6uiw9ortI2' from Squid
> ntlm-auth[3376](libntlmssp.c:269): checking domaicn: 'DODES', user:
> 'Administrator'
> /mswin_check_ad_group.exe[3012]: Got 'dodes%5Cadministrator
> c:/squid/etc/DomainUsers' from Squid (length: 46).
>
> /mswin_check_ad_group.exe[3012]: Valid_Global_Groups: checking group
> membership of 'dodes\administrator'.
>
> /mswin_check_ad_group.exe DsGetDcName() failed.'
> ntlm-auth[5888](ntlm_auth.c:227): Got 'YR
> TlRMTVNTUAABAAAAB7IIogUABQA3AAAADwAPACgAAAAFASgKAAAAD1czMDY0U0lTVEVNNDEyM0
> RPREVT' from Squid
> ntlm-auth[5888](ntlm_auth.c:183): attempting SSPI challenge retrieval
> ntlm-auth[5888](ntlm_auth.c:186): Got it
> ntlm-auth[5888](ntlm_auth.c:266): sending 'TT
> TlRMTVNTUAACAAAACgAKADgAAAAFgomiKm9ZWYx42iUAAAAAAAAAAJQAlABCAAAABQLODgAAAA
> 9EAE8ARABFAFMAAgAKAEQATwBEAEUAUwABAAgATABPAEIATwAEACAAYwBhAGoAYQBkAGUAYgB1
> AHIAZwBvAHMALgBkAGUAcwADACoATABPAEIATwAuAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC
> 4AZABlAHMABQAgAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC4AZABlAHMAAAAAAA==' to
> squid
> ntlm-auth[5888](ntlm_auth.c:227): Got 'KK
> TlRMTVNTUAADAAAAGAAYAIoAAAAYABgAogAAAAoACgBIAAAAGgAaAFIAAAAeAB4AbAAAAAAAAA
> C6AAAABYKIogUBKAoAAAAPRABPAEQARQBTAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAVwAz
> ADAANgA0AFMASQBTAFQARQBNADQAMQAyADMAeSeUuCuU9W8AAAAAAAAAAAAAAAAAAAAAS1A3HJ
> C0hQNSHHJkIAWFKfpFuYbbQSY3' from Squid
> ntlm-auth[5888](libntlmssp.c:269): checking domain: 'DODES', user:
> 'Administrator'
> ntlm-auth[1488](ntlm_auth.c:227): Got 'YR
> TlRMTVNTUAABAAAAB7IIogUABQA3AAAADwAPACgAAAAFASgKAAAAD1czMDY0U0lTVEVNNDEyM0
> RPREVT' from Squid
> ntlm-auth[1488](ntlm_auth.c:183): attempting SSPI challenge retrieval
> ntlm-auth[1488](ntlm_auth.c:186): Got it
> ntlm-auth[1488](ntlm_auth.c:266): sending 'TT
> TlRMTVNTUAACAAAACgAKADgAAAAFgomieoupMy56RPkAAAAAAAAAAJQAlABCAAAABQLODgAAAA
> 9EAE8ARABFAFMAAgAKAEQATwBEAEUAUwABAAgATABPAEIATwAEACAAYwBhAGoAYQBkAGUAYgB1
> AHIAZwBvAHMALgBkAGUAcwADACoATABPAEIATwAuAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC
> 4AZABlAHMABQAgAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC4AZABlAHMAAAAAAA==' to
> squid
> ntlm-auth[1488](ntlm_auth.c:227): Got 'KK
> TlRMTVNTUAADAAAAGAAYAIoAAAAYABgAogAAAAoACgBIAAAAGgAaAFIAAAAeAB4AbAAAAAAAAA
> C6AAAABYKIogUBKAoAAAAPRABPAEQARQBTAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAVwAz
> ADAANgA0AFMASQBTAFQARQBNADQAMQAyADMA1ZT+19V97OkAAAAAAAAAAAAAAAAAAAAA8Blnof
> qUp9IgkhbtwIrMXehHu2rY9CmE' from Squid
> ntlm-auth[1488](libntlmssp.c:269): checking domain: 'DODES', user:
> 'Administrator'
> ntlm-auth[2968](ntlm_auth.c:227): Got 'YR
> TlRMTVNTUAABAAAAB7IIogUABQA3AAAADwAPACgAAAAFASgKAAAAD1czMDY0U0lTVEVNNDEyM0
> RPREVT' from Squid
> ntlm-auth[2968](ntlm_auth.c:183): attempting SSPI challenge retrieval
> ntlm-auth[2968](ntlm_auth.c:186): Got it
> ntlm-auth[2968](ntlm_auth.c:266): sending 'TT
> TlRMTVNTUAACAAAACgAKADgAAAAFgomiUIsf25S7gqMAAAAAAAAAAJQAlABCAAAABQLODgAAAA
> 9EAE8ARABFAFMAAgAKAEQATwBEAEUAUwABAAgATABPAEIATwAEACAAYwBhAGoAYQBkAGUAYgB1
> AHIAZwBvAHMALgBkAGUAcwADACoATABPAEIATwAuAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC
> 4AZABlAHMABQAgAGMAYQBqAGEAZABlAGIAdQByAGcAbwBzAC4AZABlAHMAAAAAAA==' to
> squid
> ntlm-auth[2968](ntlm_auth.c:227): Got 'KK
> TlRMTVNTUAADAAAAGAAYAIoAAAAYABgAogAAAAoACgBIAAAAGgAaAFIAAAAeAB4AbAAAAAAAAA
> C6AAAABYKIogUBKAoAAAAPRABPAEQARQBTAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAVwAz
> ADAANgA0AFMASQBTAFQARQBNADQAMQAyADMAbyG+h4SorQUAAAAAAAAAAAAAAAAAAAAAd77QUF
> RWePBef5FF6BB6B9Zglk4maUIg' from Squid
> ntlm-auth[2968](libntlmssp.c:269): checking domain: 'DODES', user:
> 'Administrator'
> ntlm-auth[4072](ntlm_auth.c:227): Got 'YR
> TlRMTVNTUAABAAAAB7IIogUABQA3AAAADwAPACgAAAAFASgKAAAAD1czMDY0U0lTVEVNNDEyM0
> RPREVT' from Squid
> ntlm-auth[4072](ntlm_auth.c:183): attempting SSPI challenge retrieval
> ntlm-auth[4072](ntlm_auth.c:186): Got it
>
>
>
>
>
>
>
>
> What can be the problem?.
>
> Thanks.
>
>
> Verónica Delgado
> Depto. Sistemas
> CAJA DE BURGOS
> C: 947 258 495
> : vdelgado_at_cajadeburgos.es
>
Received on Wed May 13 2009 - 07:11:14 MDT
This archive was generated by hypermail 2.2.0 : Thu May 14 2009 - 12:00:01 MDT