similar to: ntlm_auth / winbind problem

Displaying 20 results from an estimated 10000 matches similar to: "ntlm_auth / winbind problem"

2012 Jul 19
1
Winbind/ntlm_auth issues
Hi, I'm struggling to get squid+ntlm_auth working correctly. I have successfully joined the domain, and I am able to successfully enumerate groups and users using wbinfo. I can also successfully run "wbinfo -a." However, once I configure Squid to use ntlm_auth per: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --debug-level=10 --nt-response
2003 Oct 15
1
"winbind use default domain" doesn't work on samba 3.0.0
Hi, On my 2 Debian boxes the option "winbind use default domain = yes" doesn't make any difference any more where as it dit work just before the rest works fine, but not this option in smb.conf. I've discussed the matter on the French Samba mailing-list and I seem not to be the only one who's got this problem. The other person uses winbind with ADS, where as i'm
2007 Jul 02
2
[Patch] Samba's proposed "ntlm_auth + winbind" support for dovecot-auth
The Samba team recommends to use their "ntlm_auth" command line helper for "NTLM" and "GSS-SPNEGO" authentication. This helper interacts with the Samba's winbind daemon, and this way can authenticate users against NT or Active Directory windows domain. Currently Dovecot can do "NTLM" authentication too, but just "locally" (against a local
2017 Jun 12
2
'winbind use default domain' doesn't appear to work with ntlm_auth
Hi everyone, We just upgraded Samba from 4.4.5 to 4.6.5 and appear to be experiencing a problem with authentication, when the RPC domain is not supplied as part of the username. I have two scenarios where this has cropped up: RADIUS authentication using ntlm_auth Apache HTTP using mod_auth_ntlm_winbind RADIUS authentication: We use the freeRADIUS 'mschap' module to provide
2005 Nov 02
1
how to use ntlm_auth
Hi, I want to know how to use ntlm_auth with ntlm-server-1 and freeradius, with the users login and password information in ldap. I have read documentation of ntlm_auth (only found the man page), docs and howtos about pptp and squid, i don't found about freeradius, and i'm experimenting with the options of ntlm_auth. I have configured freeradius+ldap+802.1X for a wireless lan, but i
2014 Sep 15
1
Multiple Domains/Winbinds, ntlm_auth/wbinfo issue
Ok I'm at a loss, I have 2 instances on winbindd / smbdd / nmbdd running (basically copied to install from samba-multiple-domains.blogspot .com but with my domains and ip's) But the issue I have is that even though both domains joined, and I can see all the winbinds and smbs running, and no errors in the logs, it appears that wbinfo / ntlm_auth only work with one of the units, no matter
2008 Mar 18
1
ntlm_auth
I am trying to get FreeRADIUS using Samba's ntlm auth for MSCHAPv2 authentication. I asked this question over on the FreeRADIUS list, and I think the stunned silence means that the folks over there think you guys in the Samba world may be able to help better. I admit it's been a few years since I did any Samba! I have joined my two RADIUS servers (FreeRADIUS 2.0.2, Solaris 10 x86,
2014 Sep 08
2
optimizing and scaling ntlm_auth
Hello, I am using ntlm_auth called from FreeRADIUS to authenticate users on a network with their Active Directory credentials. The problem I seem to be having is that ntlm_auth is taking longer than it should and I can't seem to get it to go faster reliably. Some background information: Users are connecting to a wireless network using 802.1x. That network sends requests to FreeRADIUS which
2023 Apr 03
2
ntlm_auth and freeradius
Op 03-04-2023 om 16:05 schreef Tim ODriscoll via samba: > Dear All, > > I'm trying to setup FreeRADIUS to authenticate a machine account to grant access to wifi for domain-connected machines. I think I've got the GPO's set up properly and the CA deployed to the clients, as I'm not getting any errors there. > > The errors I'm getting are to do with ntlm_auth not
2023 Apr 03
2
Fwd: ntlm_auth and freeradius
Op 03-04-2023 om 16:05 schreef Tim ODriscoll via samba: > Dear All, > > I'm trying to setup FreeRADIUS to authenticate a machine account to grant access to wifi for domain-connected machines. I think I've got the GPO's set up properly and the CA deployed to the clients, as I'm not getting any errors there. > > The errors I'm getting are to do with ntlm_auth not
2005 Mar 30
3
ntlm_auth question
Hi guys/gals. I'm brand new to this list, been working with Linux for several years, and have occasionally set up samba file servers before in a "hi-i'm-wide-open-so-anyone-can-read/write-to-my-shares" mode for temporary storage in data recovery scenarios. At the moment, I'm working on a project that involves FreeRADIUS authenticating against a Win2k/2k3 AD server using the
2012 Aug 18
2
Unable to use more than 1000 concurrent ntlm_auth processes
Hi List, I'm running a heavily loaded squid server that uses ntlm_auth to provide NTLM authentication. As load has increased over time, I've found the need to increase the number of ntlm_auth processes available to squid as well as the "winbind max clients" value in the smb.conf file. This has worked well up until now but seems I've hit some sort of limit. If I keep the
2006 Nov 28
2
PPP + ntlm_auth
Hello, I'm trying to authenticate PPP (in fact l2tp...) users with Active Directory (windows server 2003 DCs, mixed-mode domain) using winbind / ntlm_auth. I'm using Samba 3.0.22, PPP 2.4.3, Kerberos 1.3.6, with Trustix 2.2 What works : - krb5kinit (and krb5klist -e) - net ads join - wbinfo -u, wbinfo -g, wbinfo -a user%pwd, wbinfo -p, wbinfo -t and wbinfo -m - getent passwd and
2006 Mar 09
2
Using ntlm_auth to authneticate to an NTLMv2 AD
Chaps, I'm trying to get a radius server to authenticate to AD via the samba ntlm_auth program. I've just built samba vsn 3.0.21c with the following config parameters ./configure --with-pam --enable-socket-wrapper --with-ldapsam --with-syslog --with-ldap --with-winbind My smb.conf has global] workgroup = ADIR security = domain password server = 150.237.54.198 realm =
2008 Jun 11
1
Squid/ntlm_auth issues with two user accounts (all other accounts on the domain work).
Hi all, I have just installed and configured a squid setup authenticating against Active Directory using kerberos tickets and have achieved the holy-grail of IT - Single Sign On! The problem is that I have two users for whom is does not work. The ntlm_auth logs show that for users that are properly authenticated against squid we get the following (Usernames/Domains/Hosts have been changed for
2012 Oct 30
1
ntlm_auth allowing users which are denied access
Hi, I am using samba 3.2.2 with freeradius . I have joined the domain & able to authenticate users with ntlm_auth. If in ADS-2003 I configure the Remote Access Permission for the user ( User-properties->Dial-in ) as Deny then if I use the "ntlm_auth --username=user --password=password" I get NT_STATUS_OK. What could be the reason for this behavior , or is there any patch
2005 Oct 02
1
ntlm_auth and PEAP machine authentication
I am trying to use ntlm_auth for machine authentication requests against a Win2003/AD from my RADIUS server. Normal, user authentication works fine, but not machine authentication. The username passed from RADIUS to ntlm-auth looks like host/pcname123. I'm wondering if the "/" is killing it? The ntlm_auth man page says that it expects only Samba's unix charset. Does anyone
2005 Sep 20
1
ntlm_auth multiple domain authentication
Hi, I'm using ntlm_auth to authenticate users in freeradius. My samba server is joined to DOMAINA. When I run ntlm_auth --username=domainauser everything works great. When I run ntlm_auth --username=domainbuser it fails because the user does not exist in domaina which the server is joined to. If I run ntlm_auth --username=domainbuser --domain=domainb it works great. I was wanting to do
2024 Jan 24
2
ntlm_auth not returning "STATUS_OK"
On Tue, 23 Jan 2024 17:07:35 -0500 Mark Foley via samba <samba at lists.samba.org> wrote: > On Mon Jan 22 11:00:59 2024 Mark Foley via samba > <samba at lists.samba.org> wrote: > > > > I have scripts that runs ntlm_auth. Before upgrading my DC to > > 4.18.9 I would get text string output from the ntlm_auth command. > > For example: > > > >
2024 Jan 23
2
ntlm_auth not returning "STATUS_OK"
On Mon Jan 22 11:00:59 2024 Mark Foley via samba <samba at lists.samba.org> wrote: > > I have scripts that runs ntlm_auth. Before upgrading my DC to 4.18.9 I would > get text string output from the ntlm_auth command. For example: > > STATUS_NO_SUCH_USER > NT_STATUS_WRONG_PASSWORD > STATUS_OK > > My script(s) look for these strings. > > Now with the new