Recently I configured Squid as Proxy Server with NTLM authentication in an Active Directory Domain. As I started to use the Proxy Server in conjunction with my browser an authentication pop up appeared all of the time and I was not able to Access the Internet. I checked the Cache.log of the Squid Server and found the following error message:
GENSEC login failed: NT_STATUS_UNSUCCESSFUL
ERROR: NTLM Authentication validating user. Result: {result=BH, notes={message: NT_STATUS_UNSUCCESSFUL NT_STATUS_UNSUCCESSFUL; }}
The cause of this Problem was a bug in the Samba version described in this bug Report:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754339
The pipe of the winbind daemon was created in the wrong Directory so the permission were wrong. The solution was to fix the permissions on the pipe with the following command:
chown root:winbindd_priv /var/lib/samba/winbindd_privileged/
