combor@gazeta.pl
2007-Apr-17 17:49 UTC
[Samba] problem setting ntlm authentication for apache using mod_auth_winbind
Hello list, I'm trying to set up ntlm authentication for using mod_auth_winbind. Unfortunately during the "ntlm dance" some errors occurs. It complains about Oversized message, Invalid request and ntlm_auth goes to defunc... ( broken pipe as we can see in apache error log file ) apache 31623 31578 1 19:25 ? 00:00:00 [ntlm_auth] <defunct> Log file from apache is here: http://ncpnc.obsysa.net/combor/apache_arror.log I was trying to trace problem with strace but logfile contains nothing useful ( except the broken pipe information :) ). http://ncpnc.obsysa.net/combor/strace.log My share definition looks like below. Alias /auth/ntlm/ "/var/www/auth/ntlm/" <Directory "/var/www/auth/ntlm/"> AuthType NTLM NTLMAuth on NegotiateAuth off NTLMBasicAuth on NTLMAuthHelper "/usr/bin/ntlm_auth -d10 --option='auth methods winbind' --helper-protocol=squid-2.5-ntlmssp" NTLMBasicAuthoritative off Require valid-user </Directory> Host is correctly joined to AD and users can browse thru samba shares. The most useful information about errors are in attached log files so im not going to repeat them here. Is there any other information I could supply to resolve the problem? thanks in advance and best regards
Mogens Kjaer
2007-May-18 13:53 UTC
[Samba] problem setting ntlm authentication for apache using mod_auth_winbind
combor@gazeta.pl wrote:> Hello list, > > I'm trying to set up ntlm authentication for using mod_auth_winbind. > > Unfortunately during the "ntlm dance" some errors occurs. It > complains about Oversized message, Invalid request and ntlm_auth > goes to defunc... ( broken pipe as we can see in apache error log file ) > apache 31623 31578 1 19:25 ? 00:00:00 [ntlm_auth] <defunct> > > Log file from apache is here: > http://ncpnc.obsysa.net/combor/apache_arror.log > > > I was trying to trace problem with strace but logfile contains > nothing useful ( except the broken pipe information :) ). > > http://ncpnc.obsysa.net/combor/strace.log > > My share definition looks like below. > > Alias /auth/ntlm/ "/var/www/auth/ntlm/" > > <Directory "/var/www/auth/ntlm/"> > AuthType NTLM > NTLMAuth on > NegotiateAuth off > NTLMBasicAuth on > NTLMAuthHelper "/usr/bin/ntlm_auth -d10 --option='auth methods > winbind' --helper-protocol=squid-2.5-ntlmssp" > NTLMBasicAuthoritative off > Require valid-user > > </Directory> > > Host is correctly joined to AD and users can browse thru samba shares. > > The most useful information about errors are in attached log files > so im not going to repeat them here. > > Is there any other information I could supply to resolve the problem?Did you ever find a solution to this problem? Mogens -- Mogens Kjaer, Carlsberg A/S, Computer Department Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark Phone: +45 33 27 53 25, Fax: +45 33 27 47 08 Email: mk@crc.dk Homepage: http://www.crc.dk
Possibly Parallel Threads
- problem setting ntlm authentication for apache using mod_auth_winbind
- Combining mod_auth_winbind with other authorization modules
- winbindd + mod_ntlm_winbind, why do we need "net join ..." ?
- 'winbind use default domain' doesn't appear to work with ntlm_auth
- mod_ntlm_winbind