Displaying 20 results from an estimated 11000 matches similar to: "ntlm_auth doesn`t work with machine accounts"
2005 Jun 30
1
Authenticate machine accounts with ntlm_auth
Hi,
Is it possible to authenticate a machine account with ntlm_auth ?
When a machine tries to authencate itself, the username looks like this:
"host/hostname.domain.org"
I don't know if ntlm_auth is able to understand this format...
Regards
Jeremy
2005 Apr 29
0
ntlm_auth doesn`t work with machine accounts
Hello all,
I'd like to run a Wireless LAN with Windows XP Clients, FreeRADIUS,
Samba and Windows Server 2003 Active Directory. For user authentication
FreeRADIUS uses the Samba ntlm_auth tool in order to identify users from
active directory. Thereby, the ntlm_auth tool is used as shown below:
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
--username=%{mschap:User-Name}
2008 Jun 11
1
Squid/ntlm_auth issues with two user accounts (all other accounts on the domain work).
Hi all,
I have just installed and configured a squid setup authenticating
against Active Directory using kerberos tickets and have achieved the
holy-grail of IT - Single Sign On!
The problem is that I have two users for whom is does not work.
The ntlm_auth logs show that for users that are properly authenticated
against squid we get the following (Usernames/Domains/Hosts have been
changed for
2016 Apr 15
1
samba 4.4.2 freeradius authentication with ntlm_auth
> On Apr 15, 2016, at 15:06 , Andrew Bartlett <abartlet at samba.org> wrote:
>
>
> Yes, this really, really sucks. MSCHAPv2 is NTLM, not NTLMv2 based.
> This is despite NTLMv2 being around when they 'designed' this
> mechanism. Sadly no attempt has been made to somehow get an MSCHAPv3
> in that uses NTLMv2.
>
> On Windows, setting a special flag
2006 Nov 28
2
PPP + ntlm_auth
Hello,
I'm trying to authenticate PPP (in fact l2tp...) users with Active
Directory (windows server 2003 DCs, mixed-mode domain) using winbind /
ntlm_auth. I'm using Samba 3.0.22, PPP 2.4.3, Kerberos 1.3.6, with
Trustix 2.2
What works :
- krb5kinit (and krb5klist -e)
- net ads join
- wbinfo -u, wbinfo -g, wbinfo -a user%pwd, wbinfo -p, wbinfo -t and
wbinfo -m
- getent passwd and
2017 Jun 08
3
ntlm_auth and SMBv2/v3
Hi ,
I just need some clarification ;
We currently use ntlm_auth + winbind for AD auth on Freeradius, will
disabling SMBv1 break authentication for ntlm_auth + Freeradius ?
Many Thanks
Arnab
2012 Aug 18
2
Unable to use more than 1000 concurrent ntlm_auth processes
Hi List,
I'm running a heavily loaded squid server that uses ntlm_auth to provide NTLM authentication.
As load has increased over time, I've found the need to increase the number of ntlm_auth processes available to squid as well as the "winbind max clients" value in the smb.conf file. This has worked well up until now but seems I've hit some sort of limit.
If I keep the
2024 Jan 22
1
ntlm_auth not returning "STATUS_OK"
I have scripts that runs ntlm_auth. Before upgrading my DC to 4.18.9 I would
get text string output from the ntlm_auth command. For example:
STATUS_NO_SUCH_USER
NT_STATUS_WRONG_PASSWORD
STATUS_OK
My script(s) look for these strings.
Now with the new Samba, the first two strings are output as usual in the case of
non-existant user and invalid password, respectively, but if the user/pw is OK
it
2005 Sep 20
1
ntlm_auth multiple domain authentication
Hi,
I'm using ntlm_auth to authenticate users in freeradius. My samba server is joined to DOMAINA. When I run ntlm_auth --username=domainauser everything works great. When I run ntlm_auth --username=domainbuser it fails because the user does not exist in domaina which the server is joined to. If I run ntlm_auth --username=domainbuser --domain=domainb it works great. I was wanting to do
2008 Mar 18
1
ntlm_auth
I am trying to get FreeRADIUS using Samba's ntlm auth for MSCHAPv2 authentication.
I asked this question over on the FreeRADIUS list, and I think the stunned silence means that the folks over there think you guys in the Samba world may be able to help better.
I admit it's been a few years since I did any Samba!
I have joined my two RADIUS servers (FreeRADIUS 2.0.2, Solaris 10 x86,
2005 Oct 15
3
Problem with ntlm_auth
Hi
I use suse 10.0 and have problems to set up ntlm_auth for squid.
It uses samba 3.0.20 and squid 2.5.stable10
I have set up winbind and everyhting seems to work.
I've changes groupownerchip of /var/lib/samba/winbindd_privileged
to squid. squid runs as group squid.
Everyhting is working fine for several minutes.
After a while it doesn't work anymore
proxy:/var/log/samba #
2024 Jan 23
2
ntlm_auth not returning "STATUS_OK"
On Mon Jan 22 11:00:59 2024 Mark Foley via samba <samba at lists.samba.org> wrote:
>
> I have scripts that runs ntlm_auth. Before upgrading my DC to 4.18.9 I would
> get text string output from the ntlm_auth command. For example:
>
> STATUS_NO_SUCH_USER
> NT_STATUS_WRONG_PASSWORD
> STATUS_OK
>
> My script(s) look for these strings.
>
> Now with the new
2024 Jan 24
2
ntlm_auth not returning "STATUS_OK"
On Tue, 23 Jan 2024 17:07:35 -0500
Mark Foley via samba <samba at lists.samba.org> wrote:
> On Mon Jan 22 11:00:59 2024 Mark Foley via samba
> <samba at lists.samba.org> wrote:
> >
> > I have scripts that runs ntlm_auth. Before upgrading my DC to
> > 4.18.9 I would get text string output from the ntlm_auth command.
> > For example:
> >
> >
2014 Sep 15
1
Multiple Domains/Winbinds, ntlm_auth/wbinfo issue
Ok I'm at a loss, I have 2 instances on winbindd / smbdd / nmbdd running (basically copied to install from samba-multiple-domains.blogspot .com but with my domains and ip's)
But the issue I have is that even though both domains joined, and I can see all the winbinds and smbs running, and no errors in the logs, it appears that wbinfo / ntlm_auth only work with one of the units, no matter
2020 Jul 08
3
ntlm_auth how to get challenge and nt-response
Hi all, I'm trying to use ntlm_auth as authenticator of the freeradius
mschap module. If I use ntlm_auth from command line with username and
password, authentication works. If I use the same credentials with
mschap on the logs I can see the challenge and nt-response and I can't
understand if authentication fails because challenge and response are
wrong or because ntlm_auth can't
2023 Apr 03
2
ntlm_auth and freeradius
Op 03-04-2023 om 16:05 schreef Tim ODriscoll via samba:
> Dear All,
>
> I'm trying to setup FreeRADIUS to authenticate a machine account to grant access to wifi for domain-connected machines. I think I've got the GPO's set up properly and the CA deployed to the clients, as I'm not getting any errors there.
>
> The errors I'm getting are to do with ntlm_auth not
2024 Jan 27
1
ntlm_auth not returning "STATUS_OK"
On Wed Jan 24 05:03:25 2024 Rowland Penny via samba <samba at lists.samba.org> wrote:
>
> On Tue, 23 Jan 2024 17:07:35 -0500
> Mark Foley via samba <samba at lists.samba.org> wrote:
>
> > On Mon Jan 22 11:00:59 2024 Mark Foley via samba
> > <samba at lists.samba.org> wrote:
> > >
> > > I have scripts that runs ntlm_auth. Before upgrading
2005 Nov 02
1
how to use ntlm_auth
Hi,
I want to know how to use ntlm_auth with ntlm-server-1 and freeradius,
with the users login and password information in ldap.
I have read documentation of ntlm_auth (only found the man page), docs
and howtos about pptp and squid, i don't found about freeradius, and i'm
experimenting with the options of ntlm_auth.
I have configured freeradius+ldap+802.1X for a wireless lan, but i
2016 May 31
3
Using ntlm_auth with a non-Squid application
Hello
my goal is to write an authentication module for the Symfony php framework, which would provide SSO capabilities to browsers that are logged in an MS AD domain
and support the NTLMv2 protocol. Ideally this module would run on linux servers, and be portable, i.e. require as few non-php tools and network/firewall
settings as possible (that's why I eschewed the existing Apache modules
2005 Oct 10
2
ntlm_auth SID problem
Hello all
Im using a linux box running CentOS 4.1 as a proxy server with user
auth with an AD
Its working for a long time, but suddenly this weekend the users cant
authenticate anymore
looking on logs i obtain this
Oct 10 08:29:59 sol (ntlm_auth): [2005/10/10 08:29:59, 0]
utils/ntlm_auth.c:get_require_membership_sid(237)
Oct 10 08:29:59 sol (ntlm_auth): Winbindd lookupname failed to resolve