Displaying 20 results from an estimated 6000 matches similar to: "NTLM protocol/multiple DCs"
2009 May 05
2
winbindd stays at 100% CPU having joined a domain
[ Please would anyone replying to this maintain the Cc list here as my
dear colleague is not subscribed to this mailing list. ]
Hello all,
I am trying to track down an oddity with winbindd. We're using samba only
to join a given domain -- so the config file is very minimal, as per:
[global]
workgroup = TEDDYBEARS
netbios name = SMOOTHWALL
realm = TEDDYBEARS.LOCAL
security = ads
2010 Mar 15
0
ntlm helper helper usage problem
Hi,guys .
I implement HTTP Proxy running in Linux environment and my proxy have
to support NTLM authentication.
My proxy written in C++.
I try to use _squid-ntlm helper _according to
*http://devel.squid-cache.org/ntlm/squid_helper_protocol.html .
So *I run helper like this *system ("ntlm_auth -d=10
--helper-protocol=squid-2.5-ntlmssp"*);
and implemented its protocol (see
2019 Feb 19
0
Need to authenticate Outlook and NTLM
On Mon, 18 Feb 2019 10:17:16 -0000 Stuart Henderson wrote:
>
> On 2019-02-13, Mark Foley via dovecot <dovecot at dovecot.org> wrote:
> > Is it possible that no one on this list is authenticating Outlook with Dovecot and NTLM?
>
> Yes, it's possible, the outdated instructions you found on the wiki
> suggests it's an uncommon configiration.
Hmmm, really? And yet
2018 Mar 26
2
freeradius + NTLM + samba AD 4.5.x
Hello,
I've done some further testing, and I have to correct myself.
I was (kind of obviously as I think about it) wrong about samba on the
freeradius server requiring v. 4.7. What makes all the difference is the
method used by mschap.
Traditionally in freeradius in mods-available/mschap you'll use
something like:
ntlm_auth = "/path/to/ntlm_auth --request-nt-key
2005 Jun 17
1
Problem with NTLM
Hi all;
We have Squid 2.5.STABLE7running with 30 ntlm_auth helpers Version
3.0.10-1.fc3. The problem is that on the squid?s cachemgr.cgi->NTLM User
Authenticator Stats is possible to verify that the ntlm_auth processes
are slowly having the flag R (Reserved or Deferred) set and never being
used again (the number of requests stops). This problem goes until there
is no more ntlm_auth
2016 Aug 02
0
Centos 7 & ntlm
That is strange!
We run Centos7 and 4.4.4.
# First test
dc209:~# ntlm_auth --username=mdufresne
Password:
NT_STATUS_OK: Success (0x0)
# sAMAccountName modification
dc209:~# ldbedit -H $sam samaccountname=mdufresne
# 0 adds 1 modifies 0 deletes
# Test with old sAMAccountName
dc209:~# ntlm_auth --username=mdufresne
Password:
NT_STATUS_NO_SUCH_USER: No such user (0xc0000064)
# Test with new
2018 Mar 28
0
ODP: Re: freeradius + NTLM + samba AD 4.5.x
Hi,
thank you very much for testing everything out. Great work!
One question: passchange - which application are working with passchange
on radius ?
In the moment every user with an expired password is NOT able to use
services using radius
for authentication (WLAN,VPN). Is there any documentation available ?
Bye, Peer
On 27.03.2018 22:40, Kacper Wirski via samba wrote:
> Hello,
>
>
2016 Aug 01
2
Centos 7 & ntlm
Hihi
So I have a really strange problem. I am running Centos 7 with Samba purely
for ntlm_auth against winbind services (squid/radius auth etc). Its been
working fine till we found a strange bug with the ntlm_auth executable.
If the username has a "w" at the end it throws out a syntax error
see below test:
# ./ntlm_auth --username=lblaauw
username must be specified!
Usage:
2019 Feb 18
0
Need to authenticate Outlook and NTLM
On 2019-02-13, Mark Foley via dovecot <dovecot at dovecot.org> wrote:
> Is it possible that no one on this list is authenticating Outlook with Dovecot and NTLM?
Yes, it's possible, the outdated instructions you found on the wiki
suggests it's an uncommon configiration.
No actual answers from me, but it might give you some clues:
> More on this ...
>
> I short-sheeted
2018 Mar 27
0
freeradius + NTLM + samba AD 4.5.x
On Tue, 2018-03-27 at 01:22 +0200, Kacper Wirski via samba wrote:
> Hello,
>
> I've done some further testing, and I have to correct myself.
>
> I was (kind of obviously as I think about it) wrong about samba on the
> freeradius server requiring v. 4.7. What makes all the difference is the
> method used by mschap.
> What I can't test right now, if it will work
2018 Sep 11
0
NTLM auth, better on a DC or on a DM?
Sorry, i'm still a bit confused.
Andreay say:
> I would do that, it allows you to have the FreeRADIUS fail over to
> another DC when you are upgrading Samba, and choose to upgrade Samba's
> base OS without consideration for the Squid/FreeRADIUS stack.
So, ntlm_auth connect to (local) winbind, and winbind connect to DCs,
so in this way freeradius 'failover' in respect of
2018 Mar 27
2
ODP: Re: freeradius + NTLM + samba AD 4.5.x
ok, tested it, and it works.
so to summarize:
on samba ad 4.7.x in smb.conf "ntlm auth" is set to "mschapv2-and-ntlmv2-only"
fr + samba domain member (4.6 and 4.7) in mods-available/mschap you have to add to ntlm_auth --allow-mschapv2 to the whole string OR just use winbind method, which sets correct flag without explicitly adding it.
with those settings ntlmv1 is blocked
2019 Feb 08
0
Need to authenticate Outlook and NTLM
More on this ...
I short-sheeted ntlm_auth to see what was being passed to it. It is getting as arg1:
--helper-protocol=squid-2.5-ntlmssp
I tried running ntlm_auth at the command line as:
ntlm_auth --username=user --password=password --helper-protocol=squid-2.5-ntlmssp
It did nothing, just hung there. The ntlm_auth man page says:
--helper-protocol=PROTO
Operate as a stdio-based helper.
2019 Feb 19
1
Need to authenticate Outlook and NTLM
On 19.2.2019 4.48, Mark Foley via dovecot wrote:
> On Mon, 18 Feb 2019 10:17:16 -0000 Stuart Henderson wrote:
>> On 2019-02-13, Mark Foley via dovecot <dovecot at dovecot.org> wrote:
>>> Is it possible that no one on this list is authenticating Outlook with Dovecot and NTLM?
>> Yes, it's possible, the outdated instructions you found on the wiki
>> suggests
2013 Aug 07
1
samba4 and squid with NTLM auth
Hi.
Samba-4.0.7
FreeBSD 10.0-CURRENT
Besides serving files I'm using Samba to authenticate users in the
Windows AD with squid.
After having issues with samba 3.6.16 I decided to see if samba4 will
fit me more. I was surprised, but I found that Samba 4 is fully
functional in my environment and is nearly production-ready.
After that I tried to setup squid to use samba for NTLM authentication.
2023 Mar 20
1
PHP-LDAP RPM installed but not usable
I've also tried adding the pgsql and mysql RPM's and they're not
available either.
On 20/03/2023 12:58, Gary Stainburn wrote:
> Apologies.? This is the correct screen grab.
>
> The extra errors in the OP were because I had been experimenting, to
> try to fix the issue.
>
> [root at testsvr ~]# ./ldapAuth.php gary.stainburn fake-password
> PHP Fatal error:?
2007 Mar 05
1
NTLM authentication with squid using smbpasswd/tdbsam?
Hi,
I want to set up squid (2.6.9) with Samba (3.0.24) using
NTLM authentication. I don't want to authenticate against an AD
server; I just want to authenticate against a smbpasswd backend
without sending the password over the network in the clear.
The squid server is on the same box a the Samba server providing
file/print services to XP workstations.
The primary way of using NTLM seems
2018 Jan 10
1
NTLM, MSCHAPv2, squid & freeradius...
Currently (samba 4 NT-like domains) i use extensively NTLM auth in
freeradius and more mildly in squid, respectively with:
Freeradius (mschap module):
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --domain=SANVITO --username=%{mschap:User-Name:-None} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
squid3:
auth_param ntlm program /usr/bin/ntlm_auth
2005 Jan 18
2
auth samba+squid+ntlm
Hi.
I need to use the ntlm_auth module to auth. users so a group can use Internet
and other not, using squid. The users that belong to "Internet" group may use
Internet.
I've being looking for info. about this but there is no much info. in google.
Until now this is the only info. that I had found:
for squid.conf:
auth_param ntlm program /usr/bin/ntlm_auth
2005 Oct 31
1
NTLM Problems
Hi,
I am running squid and samba to auth users against a 2003 domain. My squid
setup is something like this:
auth_param ntlm program /usr/local/libexec/squid/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param ntlm children 2
auth_param basic program /usr/local/libexec/squid/ntlm_auth