similar to: ntlm_auth for domain group members only

Hello all Im using a linux box running CentOS 4.1 as a proxy server with user auth with an AD Its working for a long time, but suddenly this weekend the users cant authenticate anymore looking on logs i obtain this Oct 10 08:29:59 sol (ntlm_auth): [2005/10/10 08:29:59, 0] utils/ntlm_auth.c:get_require_membership_sid(237) Oct 10 08:29:59 sol (ntlm_auth): Winbindd lookupname failed to resolve

Hi all, please cc me, i'm not on the list. Second: All google findable information about problems setting up ntlm_auth for squid with winbind are read and checked more than three times. After breaking a running setup under debian squeeze, i go back to debian lenny to circumvent the actual MIT kerberos problem[1]. [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566977#57 Now i

Hi there, I'm trying to configure Squid to use a windows domain for authentication, and all goes well until I add the "--require-membership-of" option on ntlm_auth. I need to restrict access based on group membership, however ntlm_auth does not seem to be behaving correctly. I'm using Samba 3.0.6 on Debian and I'm using a Windows 2000 (SP4) Domain Controller. I

Hi, I'm wondering if it is possible to use NTLM authentication in squid for users in two different Windows domains. So basically, I would need that ntlm_auth --username=user_in_domain1 --domain=domain1 and ntlm_auth --username=user_in_domain2 --domain=domain2 work at the same time. Is that possible ? What would one need to configure to make this work ? Thanks

Hil list! I'm trying to authenticate Active Directory Users via freeradius. I can do it in a general case (user and domain) without problem. Now I have to do it restricting the authentication to the members of a group. I can exect the script (as is put in radiusd.conf) correct from the command line: Deb:~# /usr/bin/ntlm_auth --username=javi2 --require-membership-of='AAMM\MyGroup'

Hi. I need to use the ntlm_auth module to auth. users so a group can use Internet and other not, using squid. The users that belong to "Internet" group may use Internet. I've being looking for info. about this but there is no much info. in google. Until now this is the only info. that I had found: for squid.conf: auth_param ntlm program /usr/bin/ntlm_auth

Hi, We are running Squid version: 2.5.STABLE13 and Samba version: Version 3.0.21b We have it setup to use NTLM to check that the user belongs to a group within the domain. The need has arrisen to be able to support multiple groups. Is this possible? Our squid.conf section: auth_param ntlm program /ntlm_auth.sh ntlmssp auth_param ntlm max_challenge_reuses 0 auth_param ntlm

Hello all, I am Samba to authenticate users in Windows 2000 AD to a Squid proxy server. I have Red Hat 9, Samba 3.04, and Squid 2.5 Stable3. I have followed the FAQs and docs as closely as possible, and everything went pretty much without a problem. The only hangup I am having is trying to restrict access to the proxy to members of a single AD group. In my squid.conf I have, auth_param ntlm

I am using LDAP as my backend. I have 6 PDC's running Samba 3.0.21b, each domain has a different SID. I store all user,groups,and machine accounts in one LDAP database. So that when I create a user once, all domains can see the user. This keeps me from having to create a user account on each domain for cross domain file sharing. The behavior for Domains running Samba 3.0.21b is a follows.

Hello. I am using squid with ntlm authentication against a samba PDC. It has worked for me perfectly in debian etch with samba version 3.0.24, and ubuntu Gutsy with samba 3.0.26a. But when I have upgraded those servers to hardy (samba 3.0.28a) and lenny (3.2.3), thn sqwuid auth has stopped working, without any other config change. Squid version I am using is 2.6-STABLE17, and . I am using the

I'm trying to get mod_auth_ntlm with apache2 to work but it refuses to do so. ntlm_auth does work if I use the commandline argument. The error I got is: [2009/01/13 13:07:09, 5] lib/debug.c:debug_dump_status(391) INFO: Current debug levels: all: True/10 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam:

I posted a similar message on the freeradius list a few months ago and it was suggested I come here. Now that this effort is once again underway I am looking for some assistance. We are trying to replace our existing AAA solution with FreeRadius. The user base is contained in an Active Directory single forest-multi domain model. The only feature of samba that we need to leverage is the

Hello, I'm trying to authenticate PPP (in fact l2tp...) users with Active Directory (windows server 2003 DCs, mixed-mode domain) using winbind / ntlm_auth. I'm using Samba 3.0.22, PPP 2.4.3, Kerberos 1.3.6, with Trustix 2.2 What works : - krb5kinit (and krb5klist -e) - net ads join - wbinfo -u, wbinfo -g, wbinfo -a user%pwd, wbinfo -p, wbinfo -t and wbinfo -m - getent passwd and

Hi Gaetano, Good plan, I'd be very interested in your work as I am starting to look at symfony here, also! I do have ntlm_auth working perfectly using Samba 4 (and with badlock patches). I use it with freeradius, not squid. An extract from my /etc/raddb/modules/mschap, if it helps: ntlm_auth = "/usr/local/samba/bin/ntlm_auth --request-nt-key

On 28/10/15 18:10, Ryan Ashley wrote: > That is client setup. We have that under control. Our Linux users use > Network Manager to connect and our Windows users use the stuff built > into Windows. My problem is server-side. The server is a PPTP VPN > (running via pptpd) and I have to add the lines below to make it work. > > plugin winbind.so > ntlm_auth-helper

Hi, I'm using ntlm_auth to authenticate users in freeradius. My samba server is joined to DOMAINA. When I run ntlm_auth --username=domainauser everything works great. When I run ntlm_auth --username=domainbuser it fails because the user does not exist in domaina which the server is joined to. If I run ntlm_auth --username=domainbuser --domain=domainb it works great. I was wanting to do

I am trying to get FreeRADIUS using Samba's ntlm auth for MSCHAPv2 authentication. I asked this question over on the FreeRADIUS list, and I think the stunned silence means that the folks over there think you guys in the Samba world may be able to help better. I admit it's been a few years since I did any Samba! I have joined my two RADIUS servers (FreeRADIUS 2.0.2, Solaris 10 x86,

What do you mean with "... ntlm_auth --helper-protocol=squid-2.5-ntlmssp does respond only BH..." ? Is it happing in a command line test ? Remember that this helper wait for a NTLM "hash" not a clear user and password, as basic helper does. The best way of testing is to put in use, inside the squid.conf. I've be using it for some months without problem. -----Mensagem

Hello all, I'd like to run a Wireless LAN with Windows XP Clients, FreeRADIUS, Samba and Windows Server 2003 Active Directory. For user authentication FreeRADIUS uses the Samba ntlm_auth tool in order to identify users from active directory. Thereby, the ntlm_auth tool is used as shown below: ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{mschap:User-Name}

On 27/10/15 21:05, Ryan Ashley wrote: > I am not sure how to determine the separator, The separator is easy to establish, do you have a line in smb.conf that starts 'winbind separator =" , if you do, then whatever is after the '=' is the separator, if you haven't got the line, then you are using the default '\' Rowland > but 'which' shows >