samba - Apr 2004 - authenticating to an NTLM proxy from a Linux http cli ent

> -----Original Message-----
> From: Andrew Bartlett [mailto:abartlet@samba.org] 
> Sent: Sunday, 1 February 2004 9:14 PM
> > 
> > I understand that samba3 is able to provide NTLM 
> authentication, but I can't
> > see how it could be set up to pass on that authentication 
> to the proxy
> > server. Samba won't act as an in-between "transparent 
> proxy" that way, will it?
> > 
> 
> > Is there a solution I've missed? Is there any way samba can 
> be leveraged to
> > connect to the proxy server?  Or if it really Can't Be 
> Done, could someone
> > kindly say so and put me out of my misery?
> 
> Samba has an NTLMSSP client and server implementation, that 
> can be used
> by external programs.  The interface is currently not the 
> best, but you
> can call ntlm_auth over stdio to do the job.  (This presumes 
> you wish to
> modify the source to wget or apt-get).
> 
> This is in Samba 3.0.2, of which we just released rc2.
> 

It'd be nice to have the time to hack all the various unix clients to
support NTLM authenthication.

But wanting to just get the job done, I've found another solution: ntlmaps
(NTLM authentication proxy server).  It's home page is
http://ntlmaps.sourceforge.net/, but I packaged it up for Debian
(http://packages.debian.org/unstable/web/ntlmaps).
It lets me proxy for wget and apt-get.

Thanks anyway,

Drew Parsons
dparsons@emerall.com


DISCLAIMER: The information in this message is confidential and may be
legally privileged. It is intended solely for the addressee.  Access to this
message by anyone else is unauthorised.  If you are not the intended
recipient, any disclosure, copying, or distribution of the message, or any
action or omission taken by you in reliance on it, is prohibited and may be
unlawful.  Please immediately contact the sender if you have received this
message in error. Thank you.

You could also use squid see
http://www.squid-cache.org/Doc/FAQ/FAQ-23.html#ss23.5

you can use winbind samba 3 and squid have ms clients access the internet via
their MS AD credentials.

I have done this and it works.


Jim




----- Original Message -----
From: "Parsons, Drew" <ParsonsD@knox.nsw.edu.au>
Date: Wed, 14 Apr 2004 09:46:41 +1000
To: ''Andrew Bartlett'' <abartlet@samba.org>
Subject: RE: [Samba] authenticating to an NTLM proxy from a Linux http cli ent
> > -----Original Message-----
> > From: Andrew Bartlett [mailto:abartlet@samba.org] 
> > Sent: Sunday, 1 February 2004 9:14 PM
> > > 
> > > I understand that samba3 is able to provide NTLM 
> > authentication, but I can't
> > > see how it could be set up to pass on that authentication 
> > to the proxy
> > > server. Samba won't act as an in-between "transparent 
> > proxy" that way, will it?
> > > 
> > 
> > > Is there a solution I've missed? Is there any way samba can 
> > be leveraged to
> > > connect to the proxy server?  Or if it really Can't Be 
> > Done, could someone
> > > kindly say so and put me out of my misery?
> > 
> > Samba has an NTLMSSP client and server implementation, that 
> > can be used
> > by external programs.  The interface is currently not the 
> > best, but you
> > can call ntlm_auth over stdio to do the job.  (This presumes 
> > you wish to
> > modify the source to wget or apt-get).
> > 
> > This is in Samba 3.0.2, of which we just released rc2.
> > 
> 
> 
> It'd be nice to have the time to hack all the various unix clients to
> support NTLM authenthication.
> 
> But wanting to just get the job done, I've found another solution:
ntlmaps
> (NTLM authentication proxy server).  It's home page is
> http://ntlmaps.sourceforge.net/, but I packaged it up for Debian
> (http://packages.debian.org/unstable/web/ntlmaps).
> It lets me proxy for wget and apt-get.
> 
> Thanks anyway,
> 
> Drew Parsons
> dparsons@emerall.com
> 
> 
> DISCLAIMER: The information in this message is confidential and may be
> legally privileged. It is intended solely for the addressee.  Access to
this
> message by anyone else is unauthorised.  If you are not the intended
> recipient, any disclosure, copying, or distribution of the message, or any
> action or omission taken by you in reliance on it, is prohibited and may be
> unlawful.  Please immediately contact the sender if you have received this
> message in error. Thank you.
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
-- 
______________________________________________
Check out the latest SMS services @ http://www.linuxmail.org 
This allows you to send and receive SMS through your mailbox.


Powered by Outblaze