The problem has been asked and replied many times on both the squid-users list and on the web, I have read them all, and tried to solve the problem. 2012/01/11 | squid_kerb_auth: DEBUG: Decode 'Tl RMTVNTUAABAAAAl4II4g AAAAAAAAAAAAAAAAAAAAAGAb Ed AAAADw==' (decoded length: 40).
2012/01/11 | squid_kerb_auth: WARNING: received type 1 NTLM token 2012/01/11 | authenticate Negotiate Handle Reply: Error validating user via Negotiate.
Thanks again, and sorry for my English if it disturbs a lot.At this time, the goal is to authenticate users from Active Directory and log the user and the websites they are accessing.I followed the official guide Examples/Authenticate/Ntlm. ___ squid-users mailing list [email protected] make sure Internet Explorer is set to use Integrated Windows Authentication (IWA).But if you look at you will see that it still gets NTLM 1 token instead of kerberos."2012/01/12 | negotiate_wrapper: received type 1 NTLM token" I have also checked the credentials on client side with 'Network Identify Manager' When I try to get new credentials it gives this error; "Could not obtain Kerberos v4 credentials" But my client seems to got Kerberos v5 credentials, since after trying this, time stamp renewed to 10hours.Add " all" to the right hand end of the "deny AD_Bloqueados" line to prevent that. You have not configued your Squid to offer Kerberos. If the client is pre-empting the initial 407, by sending Kerberos credentials. FYI: Basic authentication is ironically more secure than NTLM these days.