similar to: No NTLM with PAM after upgrade

I'm having an issue I can't seem to work around after upgrading from Dovecot 1.0.7 to 1.2.17. After getting Dovecot 1.07 working on CentOS 5.9, I decided that it might be wise to upgrade to a later version, so I stuck with 1.x and went with 1.2.17, which I had to compile from source. CentOS was originally using /etc as the starting path for Dovecot files but the source distribution puts

Started implementing the MasterUser changes to my config files so I can finally offer SPA for pop3/imap. Things are working fine with the MasterUser (horray!), however one of my guys started using SPA with Outlook Express and started getting another users mailbox. Turns out to be related to NTLM. His Outlook express is configured for the username of 'johnsmith'. However, you'll see

More on this ... I short-sheeted ntlm_auth to see what was being passed to it. It is getting as arg1: --helper-protocol=squid-2.5-ntlmssp I tried running ntlm_auth at the command line as: ntlm_auth --username=user --password=password --helper-protocol=squid-2.5-ntlmssp It did nothing, just hung there. The ntlm_auth man page says: --helper-protocol=PROTO Operate as a stdio-based helper.

This is a tired old topic but I've at least got an angle on it: Outlook Express works perfectly with IMAP / SPA for users logged into our Windows domain; I just give the server address and username, and it logs in without any password required; beautiful! auth_ntlm_use_winbind = yes auth_winbind_helper_path = /usr/bin/ntlm_auth auth default { mechanisms = ntlm userdb static { args =

Edit: When using win8, then logs started appear in dovecot.rawlog. But as win10 gives error in ssl level, before user authentication, then no debug logs will be written into user dovecot.rawlog folder. So how to debug this ssl issue? Aki Tuomi wrote: > https://wiki2.dovecot.org/Debugging/Rawlog > > can you try this to get rawlogs to find out what happens? > > Aki I'm bit

On 12.12.2016 16:21, Mart Pirita wrote: > Edit: When using win8, then logs started appear in dovecot.rawlog. But > as win10 gives error in ssl level, before user authentication, then no > debug logs will be written into user dovecot.rawlog folder. > > So how to debug this ssl issue? > > > Aki Tuomi wrote: >> https://wiki2.dovecot.org/Debugging/Rawlog >> >>

Having some problems with setting up a proxy with any authentication mechanisms other than PLAIN. My passwords are stored in my database in plaintext (and MD5), so I figure I could use whatever scheme I want. Using the latest RC15. MySQL for the backend. This first one is CRAM-MD5. It fails (scheme_r != NULL??) then PLAIN tries to take over, but the auth server is restarting: Info:

Is it possible that no one on this list is authenticating Outlook with Dovecot and NTLM? --Mark -----Original Message----- Date: Fri, 08 Feb 2019 00:51:01 -0500 To: dovecot at dovecot.org Subject: Re: Need to authenticate Outlook and NTLM From: Mark Foley via dovecot <dovecot at dovecot.org> More on this ... I short-sheeted ntlm_auth to see what was being passed to it. It is getting as

The last log line shows "user=<>". This indicates no credentials were presented. If the rip field matches the client ip you tested from, I would bet the appropriate kerberos ticket (imap/host.domain.tld at REALM) was not pulled for the authentication. On Jun 28, 2016 11:33 PM, "Mark Foley" <mfoley at ohprs.org> wrote: > Aki - partial success! I rebuilt my

I wanted to bring attention to some odd behavior which I don't believe is intentional. With Samba running, I can go to a Windows machine on the network (10.0.0.0/24) and see all of the Samba shares by pulling up an Explorer window and going to \\Server1 Everything appears to work as expected. However, if I populate the 'hosts allow' parameter within smb.conf as follows: hosts allow

Hi, We want to migrate to rc1 using vpopmail auth. This is the configuration: -------------------------------------------------- auth default { # Space separated list of wanted authentication mechanisms: # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi mechanisms = plain login passdb vpopmail { # [cache_key=<key>] - See cache_key in PAM for explanation.

Also it seems we lack support for NTLMv2. If you want to use NTLM you need to permit use of NTLM(v1), which is usually not enabled by default. Aki > On June 25, 2016 at 7:43 PM Mark Foley <mfoley at ohprs.org> wrote: > > > I've asked this several times over the past year with essentially zero responses. I'll keep it simple: > > Does NTLM authentication work in

On 12/12/2016 10:42 AM, Aki Tuomi wrote: > > > On 12.12.2016 16:21, Mart Pirita wrote: >> Edit: When using win8, then logs started appear in dovecot.rawlog. But >> as win10 gives error in ssl level, before user authentication, then no >> debug logs will be written into user dovecot.rawlog folder. >> >> So how to debug this ssl issue? >> >>

Hi!, I'm trying to use single sign on from Windows. Install dovecot on CentOS 6. The host name is prueba-mail. I'm using version 2.0.9 because the latest 64-bit gives errors. But first I wanted to test whether user validation works with telnet. When I try to try "telnet prueba-mail imap" and try to "a1 LOGIN MyUsername MyPassword", I get the following error:prueba-mail

Hello, I've install 1.021 and am having some problems getting vpopmail authentication to work correctly (running 0.99 in production, upgrading to 1.021). I'm using vpopmail-5.4.16. Here are the authentication debug statements in the log, my dovecot.conf changes from default, and the schema of my vpopmail database. Any ideas / suggestions? I've commented out all authentication

Hai Amos, Thank you for your very clear responce.. few small questions.. Is there a way to setup the proxy for the following. 1) use negotiate kerberos for auth, ( which is working already for all domain joined machines ) 2) use a fall back that works, for now basic ldap works for non windows machines, and domain joined machines. 3) use any other fallback way for authentication users on windows

... sorry wrong list.. but you can read it and learn from it.. :-)) Greetz, Louis >-----Oorspronkelijk bericht----- >Van: samba [mailto:samba-bounces at lists.samba.org] Namens >L.P.H. van Belle >Verzonden: dinsdag 18 augustus 2015 9:45 >Aan: samba at lists.samba.org >Onderwerp: Re: [Samba] [squid-users] debian Jessie squid with >auth (kerberos/ntlm/basic) ERROR

Hi Samba team, Could someone point me to a documentation which describes which NTLM flag combination in type 1 & 2 create which type 3 response. As far as I read MS has the following client/DC configuration combinations. Send LM & NTLM responses Clients use LM and NTLM authentication, and never use NTLMv2 session security; DCs accept LM, NTLM, and NTLMv2 authentication.

Hello, attached patch allows LM authentication for older (Win9x) clients which do not pass NTLM response in type 3 message. It also fixes crash in dovecot-auth (empty credentials could be passed to hex_to_binary function if NTLM2 was negotiated). Please consider applying. Best regards. -- Andrey Panin | Linux and UNIX system administrator pazke at donpac.ru | PGP key: wwwkeys.pgp.net

Hello, after more than week using dovecot as exim4 authentication backend, I noticed that some strange clients send type 3 messages with LM response only. Attached patch allows them to log in. Please consider applying. Best regards. -- Andrey Panin | Linux and UNIX system administrator pazke at donpac.ru | PGP key: wwwkeys.pgp.net -------------- next part -------------- diff -urdpNX