Displaying 20 results from an estimated 2660 matches for "ntlm".
2008 Jun 11
1
Squid/ntlm_auth issues with two user accounts (all other accounts on the domain work).
Hi all,
I have just installed and configured a squid setup authenticating
against Active Directory using kerberos tickets and have achieved the
holy-grail of IT - Single Sign On!
The problem is that I have two users for whom is does not work.
The ntlm_auth logs show that for users that are properly authenticated
against squid we get the following (Usernames/Domains/Hosts have been
changed for security reasons):
========================
ntlm-auth[4409](ntlm_auth.c:284): managing request
ntlm-auth[4409](ntlm_auth.c:290): ntlm authenticator. Got...
2017 Sep 21
2
[Announce] Samba 4.7.0 Available for Download
On Thu, 21 Sep 2017 12:40:57 -0400
lingpanda101 via samba <samba at lists.samba.org> wrote:
> >
> I'm not understanding the change to 'ntlm auth' parameter. It's says
> default is now ntlmv2-only as a value. So this takes the place of
> 'ntlm auth = no'(ie. ntlm auth = ntlmv2-only)? Using the value of
> 'yes' is OK(ie. ntlm auth = yes)? Thanks.
>
If you read the smb.conf manpage you will find th...
2004 Jul 27
3
[PATCH 0/10] NTLM patchset submission
Hello all,
as I promised some days ago here is NTLM (aka SPA, aka MSN) authentication
support patchset.
It contains common code in src/lib-ntlm directory, Samba compatible
NTLM password scheme and authentication mechanism itself.
All patches are against 1.0-test30.
Please take a look.
Best regards.
--
Andrey Panin | Linux and UNIX system admi...
2015 Aug 18
0
[squid-users] debian Jessie squid with auth (kerberos/ntlm/basic) ERROR type NTLM type 3
...z,
Louis
>-----Oorspronkelijk bericht-----
>Van: samba [mailto:samba-bounces at lists.samba.org] Namens
>L.P.H. van Belle
>Verzonden: dinsdag 18 augustus 2015 9:45
>Aan: samba at lists.samba.org
>Onderwerp: Re: [Samba] [squid-users] debian Jessie squid with
>auth (kerberos/ntlm/basic) ERROR type NTLM type 3
>
>Hai Amos,
>
>Thank you for your very clear responce.. few small questions..
>
>Is there a way to setup the proxy for the following.
>1) use negotiate kerberos for auth, ( which is working already
>for all domain joined machines )
>2) use...
2015 Aug 18
0
[squid-users] debian Jessie squid with auth (kerberos/ntlm/basic) ERROR type NTLM type 3
...ten guest machines.
Is a link to a radius server an option, dont have a radus jet, but can be installed.
and radius is also comming for my wifi authentication.
whould that fix my problem (3) above, in a authentication fallback setup.
>One puzzling thing is why Win7 client is trying to use NTLM in
>the first
>place. NTLM is disabled by default in Vista and later due to
>its lack of
>security.
>
>Try adding "auth_param negotiate keep_alive off" to close connections
>when Negotiate/NTLM is used and force the client to retry with other
>auth credentials on...
2018 Oct 10
3
How to disable NTLM authentication on Samba
Whenever a client uses kerberos as authentication, it succeeds.
Whenever a client uses NTLM as authentication, it fails (logs bellow) since SSSD can't support NTLM. Thus my question: what can I do to prevent NTLM from being used??
[2018/10/09 17:49:29.507046, 2] ../source3/auth/auth.c:332(auth_check_ntlm_password) check_ntlm_password: Authentication for user [MYUSER] -> [MYUSER]...
2018 Oct 10
4
How to disable NTLM authentication on Samba
Forgive me if I have misundertood your words, but what I want is to prevent Samba from accepting NTLM(v1, v2, SSP, or whatever) and forwarding it, since SSSD does not support it. I am not trying to get SSSD to support any kind of NTLM. So, this would be a Samba issue, not SSSD's. Isn't that correct?
Putting it in another words: what can I do (preferrably on the Samba server) to prevent wind...
2018 Nov 24
0
NTLM protocol question
Hi Samba team,
Could someone point me to a documentation which describes which NTLM flag combination in type 1 & 2 create which type 3 response. As far as I read MS has the following client/DC configuration combinations.
Send LM & NTLM responses Clients use LM and NTLM authentication, and never use NTLMv2 session security;
DCs accept LM, NTLM, and NTLMv2 auth...
2004 Sep 30
1
[PATCH] NTLM2 support
Hello,
as pointed by Andrew Bartlett NTLM2 authentication support
is missing in dovecot. Attached patch adds it.
Tested and works for me.
Please consider applying.
Best regards.
--
Andrey Panin | Linux and UNIX system administrator
pazke at donpac.ru | PGP key: wwwkeys.pgp.net
-------------- next part --------------
diff -urpNX /usr/...
2018 Oct 10
2
How to disable NTLM authentication on Samba
How can I make sure that NTLM(SSP) will never be used??
I’ve set up Samba with SSSD and everything Works fine... except for a few Windows machines which every now and then happen to send NTLM authentication flags to the Samba server, which happily forwards them. And then the authentication fails because SSSD doesn’t support NT...
2018 Oct 10
2
How to disable NTLM authentication on Samba
The domain controler is Windows. The file Server is Linux/Samba. The clients are Windows.
I've tested the access on a dozen different windows machines. Three of them used NTLM and failed. All the others used kerberos and succeeded. They're all in the same network, same domain. Maybe it's the windows version? But they're all Window 8 or 10, not a great deal of a difference between them.
Those logs are from the Samba server, upon receiving the NTLM authenticati...
2016 May 18
2
Completely Disable NTLM on Samba4
Dear all,
May I know if there is any way to completely disable NTLM and NTLM V2 on
samba4 ?
I need to ensure if someone bring their own workstations back to office and
they cannot connect to samba4 server using their password.
On Windows, there are a Security Settings to do this (Local Policies ->
Security Options -> Network Security: Restrict NTLM: Incom...
2016 Apr 22
3
Looking for NTLM config example
Now that I am running Thunderbird on Linux and away from Windows/Outlook, I'd like to take
another run at setting up NTLM authentication from Thunderbird to my Samba4 AC/DC.
With the help of the samba maillist folks I was able to set up NTLM authentication for domain
user login. I should be able to do the same for email!
But, I need help. I went to http://wiki2.dovecot.org/Authentication/Mechanisms/NTLM and got
lo...
2016 Jun 26
2
Looking for NTLM config example
Also it seems we lack support for NTLMv2. If you want to use NTLM you need to permit use of NTLM(v1), which is usually not enabled by default.
Aki
> On June 25, 2016 at 7:43 PM Mark Foley <mfoley at ohprs.org> wrote:
>
>
> I've asked this several times over the past year with essentially zero responses. I'l...
2004 Oct 22
1
[PATCH] support OEM encoding in NTLM messages
Hello,
after I started to use dovecot as a backend for exim4 SMTP
authentication on my main mailserver, I noticed that some
clients don't advertise unicode support and so they can't
log in.
To fix the problem the attached patch allows use of OEM encoding
in NTLM messages.
Please consider applying.
Best regards.
P.S. I want to release exim4 patch in the near future, probably
when Timo will stop making incompatible protocol changes ;)
--
Andrey Panin | Linux and UNIX system administrator
pazke at donpac.ru | PGP key: wwwkeys.pgp.net
-------------- nex...
2018 Mar 26
3
freeradius + NTLM + samba AD 4.5.x
...cally, that is samba AD +
freeradius on the same server.
Setup: 4.7.6 AD server and 4.6.2 samba member + freeradius didn't work
(got simple "nt_status_wrong_password")
but: 4.7.6 AD and 4.7.1 samba + freeradius works just fine. It's clearly
visible in logs.
While using "ntlm auth = yes" I was getting in audit log
Authentication_passwordType = NTLMv1, but with ntlm auth =
ntlmv2-and-mschap2-only audit log shows Authentication_passwordType as
"MSCHAP2"
Not sure what's the case, maybe only starting with samba 4.7 ntlm_auth
can send correct flag?
H...
2018 Oct 11
2
How to disable NTLM authentication on Samba
Single DC?
If a single DC then there should not be any replication issues - that
would only be between domain controllers and the event logs would
indicate that. I have 2 Windows DC's with a mix of Samba member servers.
As far as I know, the domain member does not need client NTLM auth to be
enabled to talk to the DC but I am not 100% sure. You may want to try
reenabling it and maybe enabling NTLMv1 for the server auth just to see
if that makes a difference. NTLMv1 is not recommended for security
reasons but it may help identify the problem.
On my member servers...
2018 Oct 10
0
How to disable NTLM authentication on Samba
...ight here told me exactly what I needed to understand this authentication process:https://pagure.io/SSSD/sssd/issue/3228
- The client talks to the DC to try and get a cifs ticket for my samba server's princpal name;- In case the client can't get the ticket for any reason, it falls back to NTLM <- windows client decision, nothing can be done about it by Samba/SSSD;
Once I realized this, I investigated the windows machines which couldn't access my Samba server, and I found out that they were authenticating to a DC which didn't receive the replication for the Samba server's m...
2004 Nov 10
0
[PATCH] NTLM update and crashfix
Hello,
attached patch allows LM authentication for older (Win9x) clients
which do not pass NTLM response in type 3 message. It also fixes
crash in dovecot-auth (empty credentials could be passed to
hex_to_binary function if NTLM2 was negotiated).
Please consider applying.
Best regards.
--
Andrey Panin | Linux and UNIX system administrator
pazke at donpac.ru | PGP key: wwwkeys.pgp.net
-...
2007 Apr 17
1
problem setting ntlm authentication for apache using mod_auth_winbind
Hello list,
I'm trying to set up ntlm authentication for using mod_auth_winbind.
Unfortunately during the "ntlm dance" some errors occurs. It
complains about Oversized message, Invalid request and ntlm_auth
goes to defunc... ( broken pipe as we can see in apache error log file )
apache 31623 31578 1 19:25 ? 00:00:0...