Hello Markus, Thank you for your reply. As suggest below are result of klist -kt. Keytab name: FILE:/etc/squid/HTTP.keytab KVNO Timestamp Principal ---- ----------------- -------------------------------------------------------- 2 10/26/10 17:44:45 HTTP/[email protected] 2 10/26/10 17:44:45 HTTP/[email protected] 2 10/26/10 17:44:45 HTTP/[email protected]
one thing to be add, may be it helps!! i am facing this problem after raising Forest and Domain functional level to 2008, before this user authentication was working fine. Regards, Sarfraz ----- Original Message ----- From: Markus Moeller <[email protected]> To: [email protected] Cc: Sent: Friday, January 3, 2014 5:35 PM Subject: [squid-users] Re: Keytab client not found in kerberos database Hi Sarfraz, Which helpers do you run ? The message you see is most probably from the kerberos_ldap_group helper and means that when the helper tries to authenticate to AD the AD entry with an attribute userprincipalname=HTTP/<squid-fqdn> can not be found. squid-fqdn being the name you have in your squid keytab ( You can check with klist -kt <squid.keytab> if you use MIT or ktutil -k <squid.keytab> list for Heimdal). Markus "***some text missing***" wrote in message news:[email protected]... Hi, Today i am having error in squid cache.log "error while initialising credentials from keytab client not found in kerberos database squid".. My clients that are authenticating through Active Directory fails to browse internet on other hand IP Based access is working fine. Please help to resolve this error. Thanks. Regards, Sarfraz
