Displaying 20 results from an estimated 5000 matches similar to: "ntlm_auth for domain group members only"
2005 Oct 10
2
ntlm_auth SID problem
Hello all
Im using a linux box running CentOS 4.1 as a proxy server with user
auth with an AD
Its working for a long time, but suddenly this weekend the users cant
authenticate anymore
looking on logs i obtain this
Oct 10 08:29:59 sol (ntlm_auth): [2005/10/10 08:29:59, 0]
utils/ntlm_auth.c:get_require_membership_sid(237)
Oct 10 08:29:59 sol (ntlm_auth): Winbindd lookupname failed to resolve
2010 Feb 11
0
squid, ntlm_auth, winbind problem
Hi all,
please cc me, i'm not on the list.
Second: All google findable information about problems setting up
ntlm_auth for squid with winbind are read and checked more than
three times.
After breaking a running setup under debian squeeze, i go back to debian
lenny to circumvent the actual MIT kerberos problem[1].
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566977#57
Now i
2004 Sep 07
1
Problems with 'ntlm_auth --require-membership-of' using Samba 3.0.6
Hi there,
I'm trying to configure Squid to use a windows domain for
authentication, and all goes well until I add the
"--require-membership-of" option on ntlm_auth. I need to restrict
access based on group membership, however ntlm_auth does not seem to be
behaving correctly. I'm using Samba 3.0.6 on Debian and I'm using a
Windows 2000 (SP4) Domain Controller. I
2008 May 14
1
ntlm_auth authentication to two different domains
Hi,
I'm wondering if it is possible to use NTLM authentication in squid for
users in two different Windows domains. So basically, I would need that
ntlm_auth --username=user_in_domain1 --domain=domain1
and
ntlm_auth --username=user_in_domain2 --domain=domain2
work at the same time. Is that possible ? What would one need to
configure to make this work ?
Thanks
2005 May 16
2
Winbind problem when exec freeradius
Hil list!
I'm trying to authenticate Active Directory Users via freeradius. I
can do it in a general case (user and domain) without
problem. Now I have to do it restricting the authentication to the
members of a group.
I can exect the script (as is put in radiusd.conf) correct from the
command line:
Deb:~# /usr/bin/ntlm_auth --username=javi2
--require-membership-of='AAMM\MyGroup'
2005 Jan 18
2
auth samba+squid+ntlm
Hi.
I need to use the ntlm_auth module to auth. users so a group can use Internet
and other not, using squid. The users that belong to "Internet" group may use
Internet.
I've being looking for info. about this but there is no much info. in google.
Until now this is the only info. that I had found:
for squid.conf:
auth_param ntlm program /usr/bin/ntlm_auth
2006 Sep 12
1
Multiple Group checking using ntlm_auth
Hi,
We are running Squid version: 2.5.STABLE13 and Samba version: Version
3.0.21b
We have it setup to use NTLM to check that the user belongs to a group
within the domain. The need has arrisen to be able to support multiple
groups. Is this possible?
Our squid.conf section:
auth_param ntlm program /ntlm_auth.sh ntlmssp
auth_param ntlm max_challenge_reuses 0
auth_param ntlm
2004 May 13
0
winbindd lookup failure
Hello all,
I am Samba to authenticate users in Windows 2000 AD to a Squid proxy
server. I have Red Hat 9, Samba 3.04, and Squid 2.5 Stable3.
I have followed the FAQs and docs as closely as possible, and everything
went pretty much without a problem. The only hangup I am having is
trying to restrict access to the proxy to members of a single AD group.
In my squid.conf I have,
auth_param ntlm
2006 Sep 05
2
User Group SID behavior has changed from 21b to 23c
I am using LDAP as my backend. I have 6 PDC's running Samba 3.0.21b,
each domain has a different SID. I store all user,groups,and machine
accounts in one LDAP database. So that when I create a user once, all
domains can see the user. This keeps me from having to create a user
account on each domain for cross domain file sharing.
The behavior for Domains running Samba 3.0.21b is a follows.
2008 Oct 03
0
squid ntlm_auth not working on versions above 3.0.26
Hello. I am using squid with ntlm authentication against a samba PDC. It has worked for me perfectly in debian etch with samba version 3.0.24, and ubuntu Gutsy with samba 3.0.26a.
But when I have upgraded those servers to hardy (samba 3.0.28a) and lenny (3.2.3), thn sqwuid auth has stopped working, without any other config change.
Squid version I am using is 2.6-STABLE17, and . I am using the
2009 Jan 14
0
problem with ntlm_auth and apache2
I'm trying to get mod_auth_ntlm with apache2 to work but it refuses to do
so.
ntlm_auth does work if I use the commandline argument.
The error I got is:
[2009/01/13 13:07:09, 5] lib/debug.c:debug_dump_status(391)
INFO: Current debug levels:
all: True/10
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam:
2009 Oct 09
0
ntlm_auth, universal principal name, multi-domain active directory - can samba authenticate?
I posted a similar message on the freeradius list a few months ago and it
was suggested I come here. Now that this effort is once again underway I am
looking for some assistance.
We are trying to replace our existing AAA solution with FreeRadius. The
user base is contained in an Active Directory single forest-multi domain
model.
The only feature of samba that we need to leverage is the
2006 Nov 28
2
PPP + ntlm_auth
Hello,
I'm trying to authenticate PPP (in fact l2tp...) users with Active
Directory (windows server 2003 DCs, mixed-mode domain) using winbind /
ntlm_auth. I'm using Samba 3.0.22, PPP 2.4.3, Kerberos 1.3.6, with
Trustix 2.2
What works :
- krb5kinit (and krb5klist -e)
- net ads join
- wbinfo -u, wbinfo -g, wbinfo -a user%pwd, wbinfo -p, wbinfo -t and
wbinfo -m
- getent passwd and
2016 May 31
0
Using ntlm_auth with a non-Squid application
Hi Gaetano,
Good plan, I'd be very interested in your work as I am starting to look at
symfony here, also!
I do have ntlm_auth working perfectly using Samba 4 (and with badlock
patches). I use it with freeradius, not squid. An extract from my
/etc/raddb/modules/mschap, if it helps:
ntlm_auth = "/usr/local/samba/bin/ntlm_auth --request-nt-key
2015 Oct 28
0
NTLM_AUTH failing?
On 28/10/15 18:10, Ryan Ashley wrote:
> That is client setup. We have that under control. Our Linux users use
> Network Manager to connect and our Windows users use the stuff built
> into Windows. My problem is server-side. The server is a PPTP VPN
> (running via pptpd) and I have to add the lines below to make it work.
>
> plugin winbind.so
> ntlm_auth-helper
2005 Sep 20
1
ntlm_auth multiple domain authentication
Hi,
I'm using ntlm_auth to authenticate users in freeradius. My samba server is joined to DOMAINA. When I run ntlm_auth --username=domainauser everything works great. When I run ntlm_auth --username=domainbuser it fails because the user does not exist in domaina which the server is joined to. If I run ntlm_auth --username=domainbuser --domain=domainb it works great. I was wanting to do
2008 Mar 18
1
ntlm_auth
I am trying to get FreeRADIUS using Samba's ntlm auth for MSCHAPv2 authentication.
I asked this question over on the FreeRADIUS list, and I think the stunned silence means that the folks over there think you guys in the Samba world may be able to help better.
I admit it's been a few years since I did any Samba!
I have joined my two RADIUS servers (FreeRADIUS 2.0.2, Solaris 10 x86,
2004 Apr 23
0
RES: RES: Problems with ntlm_auth --helper-protocol=squid -2.5- ntlmssp
What do you mean with "... ntlm_auth --helper-protocol=squid-2.5-ntlmssp
does respond only BH..." ? Is it happing in a command line test ?
Remember that this helper wait for a NTLM "hash" not a clear user and
password, as basic helper does.
The best way of testing is to put in use, inside the squid.conf. I've be
using it for some months without problem.
-----Mensagem
2005 Apr 29
0
ntlm_auth doesn`t work with machine accounts
Hello all,
I'd like to run a Wireless LAN with Windows XP Clients, FreeRADIUS,
Samba and Windows Server 2003 Active Directory. For user authentication
FreeRADIUS uses the Samba ntlm_auth tool in order to identify users from
active directory. Thereby, the ntlm_auth tool is used as shown below:
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
--username=%{mschap:User-Name}
2015 Oct 27
0
NTLM_AUTH failing?
On 27/10/15 21:05, Ryan Ashley wrote:
> I am not sure how to determine the separator,
The separator is easy to establish, do you have a line in smb.conf that
starts 'winbind separator =" , if you do, then whatever is after the '='
is the separator, if you haven't got the line, then you are using the
default '\'
Rowland
> but 'which' shows
>