Displaying 20 results from an estimated 10000 matches similar to: "Using Samba NTLM authentication"
2018 Jun 08
2
samba4+squid3+ntlm
Hello:
I have a squid3 with aunteticacion ntlm integrated to samba4 but in workstations with windows 8.1 constantly asked for the username and password and it does not let the user navigate, use debian 8 + samba 4.7.7, no idea because that happens in client with windows 7 works well.
smb.conf
workgroup = MYDOMINIO
security = ads
netbios name = srv-proxy
server string = Servidor Proxy de
2018 Jan 10
1
NTLM, MSCHAPv2, squid & freeradius...
Currently (samba 4 NT-like domains) i use extensively NTLM auth in
freeradius and more mildly in squid, respectively with:
Freeradius (mschap module):
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --domain=SANVITO --username=%{mschap:User-Name:-None} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
squid3:
auth_param ntlm program /usr/bin/ntlm_auth
2014 Nov 11
3
ntlm_auth NT_STATUS_INVALID_WORKSTATION Question
Hi all,
I have samba4.2 (Version 4.2.0pre1-GIT-6d2f56d) as AD domain controller.
Some users can only logon to specific window workstation. Now, we want to
configure the samba AD as the user authentication of squid. I use the
following configuration in squid. The users without workstation limitation
can successfully authenticate to squid, but the user with workstation
limitation cannot.
2017 May 22
4
Problems with Samba 4.6.3 Authentication
Hi,
I have posted the following message to Squid-Users forum (
squid-users at lists.squid-cache.org).
"I have migrated of Samba 4.2.1 to Samba 4.6.3 as DC, but now my Squid
authentication doesn't work.
In samba 4.2.1 is working properly.
This is my authentication block:
auth_param basic program /usr/lib/squid3/basic_ldap_auth -R -b
DC=empresa,DC=com,DC=br -D
2013 Feb 08
2
NTLM autentication problems
I'm trying to configure Squid ntlm autentication on Samba4 DC. I followed
Squid and Samba's documentation and i got success when I login with user
natalia.silva, but if I log with natalia.vaz i get the error
--
Nat?lia Vaz Silva
Administradora de redes
2016 Aug 30
2
L2tp and winbind - server role active directory domain controller
hum... thanks Achim....
I think this is more reasonable to my scenario....
I will try!
2016-08-30 11:48 GMT-03:00 Achim Gottinger via samba <samba at lists.samba.org>
:
>
>
> Am 30.08.2016 um 15:05 schrieb Gilberto Nunes via samba:
>
>> Hello list...
>>
>> I have samba 4.1.17 installed and in the same server, I have l2tp.
>> Samba it configurated as
2015 Aug 05
5
LDAP bindpw password
Hi.
I'm using Samba 4 on two Zentyal servers as Domain Controller and now
I have to authenticate some services to it (Apache and PAM in
particular).
The LDAP integration asks me for a LDAP bind password, but I cannot
find out where it is on Zentyal.
Is there a way to check (or change it) directly on Samba 4?
Or is it preferable to authenticate against Active Directory or Kerberos?
Thank you
2016 Aug 30
5
L2tp and winbind - server role active directory domain controller
Hello list...
I have samba 4.1.17 installed and in the same server, I have l2tp.
Samba it configurated as active directory domain controller.
I am trying authetication against samba with winbind.
I want to know how to restrict authentication for certain group.
I put this line in the end of l2tp conf file:
ntlm_auth-helper '/usr/bin/ntlm_auth --helper-protocol=ntlm-server-1
2018 Mar 26
3
freeradius + NTLM + samba AD 4.5.x
Ok, I finally could try it out, and it seems to actually work, but You
need samba 4.7 on all machines, not only AD, but also server with
freeradius. I didn't get a chance to test it locally, that is samba AD +
freeradius on the same server.
Setup: 4.7.6 AD server and 4.6.2 samba member + freeradius didn't work
(got simple "nt_status_wrong_password")
but: 4.7.6 AD and 4.7.1
2019 Feb 19
1
Need to authenticate Outlook and NTLM
On 19.2.2019 4.48, Mark Foley via dovecot wrote:
> On Mon, 18 Feb 2019 10:17:16 -0000 Stuart Henderson wrote:
>> On 2019-02-13, Mark Foley via dovecot <dovecot at dovecot.org> wrote:
>>> Is it possible that no one on this list is authenticating Outlook with Dovecot and NTLM?
>> Yes, it's possible, the outdated instructions you found on the wiki
>> suggests
2018 Mar 27
2
ODP: Re: freeradius + NTLM + samba AD 4.5.x
ok, tested it, and it works.
so to summarize:
on samba ad 4.7.x in smb.conf "ntlm auth" is set to "mschapv2-and-ntlmv2-only"
fr + samba domain member (4.6 and 4.7) in mods-available/mschap you have to add to ntlm_auth --allow-mschapv2 to the whole string OR just use winbind method, which sets correct flag without explicitly adding it.
with those settings ntlmv1 is blocked
2018 Mar 26
3
freeradius + NTLM + samba AD 4.5.x
Also I just facepalmed, as I double checked smb.conf right after sending
mail, and in samba 4.7 there are new options available for "ntlm auth",
as stated in docs:
|mschapv2-and-ntlmv2-only| - Only allow NTLMv1 when the client promises
that it is providing MSCHAPv2 authentication (such as the |ntlm_auth| tool).
So that is is I suppose that special "flag" that is used by
2018 Sep 07
3
NTLM auth, better on a DC or on a DM?
On Fri, 2018-09-07 at 20:14 +0200, Luca Olivetti via samba wrote:
> El 7/9/18 a les 17:59, Marco Gaiarin via samba ha escrit:
>
> > It is better to install squid/freeradius in the same host of a DC, or
> > don't bother at all so they can be installed also on a DM?
>
> I don't know if it's better but I'm running freeradius with ntlm_auth on
> a
2005 Nov 07
4
Urgent Samba / Squid NTLM Auth Problems
Hi,
We are having problems setting up a squid cache server to use NTLMv2
authentication to authenticate users against AD.
We have narrowed the problems down to being a problem between samba and
squid when using NTLMv2. It constantly moans about the password being wrong
when using squid, but doing a direct samba auth works fine. We have
(believedly) narrowed it down to this: the domain requires
2007 Apr 17
1
problem setting ntlm authentication for apache using mod_auth_winbind
Hello list,
I'm trying to set up ntlm authentication for using mod_auth_winbind.
Unfortunately during the "ntlm dance" some errors occurs. It
complains about Oversized message, Invalid request and ntlm_auth
goes to defunc... ( broken pipe as we can see in apache error log file )
apache 31623 31578 1 19:25 ? 00:00:00 [ntlm_auth] <defunct>
Log file from apache is
2015 Oct 19
5
Samba 4 + Squidguardian
On 19/10/15 16:46, mathias dufresne wrote:
> AD from Samba or Microsoft is mainly a database for storing users (and
> associated stuffs). It comes also with stuffs (protocols) to connect and
> retrieve information.
>
> How the client uses these information is, as always, a choice from that
> specific client.
>
> Your AD client is your Squid/Squidguard(ian) server. Its job
2009 Dec 28
2
Samba4 and Squid3 with ntlm_auth
Hello there.
I'm try to configure squid3 with samba4-alpha-10 autentication.
My samba4 pdc work fine with a simple smb.conf:
[globals]
netbios name = PANTRO
workgroup = MYDOMAIN
realm = MYDOMAIN.LAN
server role = domain controller
[netlogon]
path = /usr/local/samba/var/locks/sysvol/mydomain.lan/scripts
read only = no
2019 Feb 08
4
Need to authenticate Outlook and NTLM
I've posted questions on this before, but now I really, really need a solution.
Using Dovecot 2.2.33.2
We've been using Dovecot as IMAP server for several years on a Linux host which is also the
Active Directory / Domain Controller. We have both Thunderbird and Outlook clients. The
Thunderbird clients authenticate w/o problem with AD credentials using Kerberos/GSSAPI.
I've never
2005 Oct 31
1
NTLM Problems
Hi,
I am running squid and samba to auth users against a 2003 domain. My squid
setup is something like this:
auth_param ntlm program /usr/local/libexec/squid/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param ntlm children 2
auth_param basic program /usr/local/libexec/squid/ntlm_auth
2010 Mar 15
0
ntlm helper helper usage problem
Hi,guys .
I implement HTTP Proxy running in Linux environment and my proxy have
to support NTLM authentication.
My proxy written in C++.
I try to use _squid-ntlm helper _according to
*http://devel.squid-cache.org/ntlm/squid_helper_protocol.html .
So *I run helper like this *system ("ntlm_auth -d=10
--helper-protocol=squid-2.5-ntlmssp"*);
and implemented its protocol (see