Displaying 20 results from an estimated 5000 matches similar to: "optimizing and scaling ntlm_auth"
2017 Jun 15
1
question on password server =
On Thu, 15 Jun 2017 11:51:18 +0200
mj via samba <samba at lists.samba.org> wrote:
> Hi Rowland,
>
> On 06/15/2017 11:05 AM, Rowland Penny via samba wrote:
> > OK, whilst it is recomended to use 'password server = *' you can
> > use a list of servers instead. I personally do not see the point of
> > setting it as you are proposing, surely it is just the
2016 Apr 15
5
samba 4.4.2 freeradius authentication with ntlm_auth
Hi;
Samba team say "It is recommended that administrators set these additional
options, if compatible with their network environment:"
ntlm auth = no
I use samba with FreeRadius.
I configure "ntlm_ auth = no" but freeradius users not connected to wifi.
I use ntlm_auth in FreeRadius side..
best regards
2016 Apr 15
1
samba 4.4.2 freeradius authentication with ntlm_auth
> On Apr 15, 2016, at 15:06 , Andrew Bartlett <abartlet at samba.org> wrote:
>
>
> Yes, this really, really sucks. MSCHAPv2 is NTLM, not NTLMv2 based.
> This is despite NTLMv2 being around when they 'designed' this
> mechanism. Sadly no attempt has been made to somehow get an MSCHAPv3
> in that uses NTLMv2.
>
> On Windows, setting a special flag
2012 Aug 18
2
Unable to use more than 1000 concurrent ntlm_auth processes
Hi List,
I'm running a heavily loaded squid server that uses ntlm_auth to provide NTLM authentication.
As load has increased over time, I've found the need to increase the number of ntlm_auth processes available to squid as well as the "winbind max clients" value in the smb.conf file. This has worked well up until now but seems I've hit some sort of limit.
If I keep the
2006 Nov 28
2
PPP + ntlm_auth
Hello,
I'm trying to authenticate PPP (in fact l2tp...) users with Active
Directory (windows server 2003 DCs, mixed-mode domain) using winbind /
ntlm_auth. I'm using Samba 3.0.22, PPP 2.4.3, Kerberos 1.3.6, with
Trustix 2.2
What works :
- krb5kinit (and krb5klist -e)
- net ads join
- wbinfo -u, wbinfo -g, wbinfo -a user%pwd, wbinfo -p, wbinfo -t and
wbinfo -m
- getent passwd and
2008 Jun 11
1
Squid/ntlm_auth issues with two user accounts (all other accounts on the domain work).
Hi all,
I have just installed and configured a squid setup authenticating
against Active Directory using kerberos tickets and have achieved the
holy-grail of IT - Single Sign On!
The problem is that I have two users for whom is does not work.
The ntlm_auth logs show that for users that are properly authenticated
against squid we get the following (Usernames/Domains/Hosts have been
changed for
2005 Sep 20
1
ntlm_auth multiple domain authentication
Hi,
I'm using ntlm_auth to authenticate users in freeradius. My samba server is joined to DOMAINA. When I run ntlm_auth --username=domainauser everything works great. When I run ntlm_auth --username=domainbuser it fails because the user does not exist in domaina which the server is joined to. If I run ntlm_auth --username=domainbuser --domain=domainb it works great. I was wanting to do
2008 Mar 18
1
ntlm_auth
I am trying to get FreeRADIUS using Samba's ntlm auth for MSCHAPv2 authentication.
I asked this question over on the FreeRADIUS list, and I think the stunned silence means that the folks over there think you guys in the Samba world may be able to help better.
I admit it's been a few years since I did any Samba!
I have joined my two RADIUS servers (FreeRADIUS 2.0.2, Solaris 10 x86,
2024 Jan 24
2
ntlm_auth not returning "STATUS_OK"
On Tue, 23 Jan 2024 17:07:35 -0500
Mark Foley via samba <samba at lists.samba.org> wrote:
> On Mon Jan 22 11:00:59 2024 Mark Foley via samba
> <samba at lists.samba.org> wrote:
> >
> > I have scripts that runs ntlm_auth. Before upgrading my DC to
> > 4.18.9 I would get text string output from the ntlm_auth command.
> > For example:
> >
> >
2024 Jan 23
2
ntlm_auth not returning "STATUS_OK"
On Mon Jan 22 11:00:59 2024 Mark Foley via samba <samba at lists.samba.org> wrote:
>
> I have scripts that runs ntlm_auth. Before upgrading my DC to 4.18.9 I would
> get text string output from the ntlm_auth command. For example:
>
> STATUS_NO_SUCH_USER
> NT_STATUS_WRONG_PASSWORD
> STATUS_OK
>
> My script(s) look for these strings.
>
> Now with the new
2024 Jan 27
1
ntlm_auth not returning "STATUS_OK"
On Wed Jan 24 05:03:25 2024 Rowland Penny via samba <samba at lists.samba.org> wrote:
>
> On Tue, 23 Jan 2024 17:07:35 -0500
> Mark Foley via samba <samba at lists.samba.org> wrote:
>
> > On Mon Jan 22 11:00:59 2024 Mark Foley via samba
> > <samba at lists.samba.org> wrote:
> > >
> > > I have scripts that runs ntlm_auth. Before upgrading
2013 Oct 03
2
Packetfence
Hi
Has anybody tried to combine shorewall (instead of iptables) with
packetfence?
/Göran
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and
2005 Oct 10
2
ntlm_auth SID problem
Hello all
Im using a linux box running CentOS 4.1 as a proxy server with user
auth with an AD
Its working for a long time, but suddenly this weekend the users cant
authenticate anymore
looking on logs i obtain this
Oct 10 08:29:59 sol (ntlm_auth): [2005/10/10 08:29:59, 0]
utils/ntlm_auth.c:get_require_membership_sid(237)
Oct 10 08:29:59 sol (ntlm_auth): Winbindd lookupname failed to resolve
2005 Oct 15
3
Problem with ntlm_auth
Hi
I use suse 10.0 and have problems to set up ntlm_auth for squid.
It uses samba 3.0.20 and squid 2.5.stable10
I have set up winbind and everyhting seems to work.
I've changes groupownerchip of /var/lib/samba/winbindd_privileged
to squid. squid runs as group squid.
Everyhting is working fine for several minutes.
After a while it doesn't work anymore
proxy:/var/log/samba #
2015 Oct 28
2
NTLM_AUTH failing?
That is client setup. We have that under control. Our Linux users use
Network Manager to connect and our Windows users use the stuff built
into Windows. My problem is server-side. The server is a PPTP VPN
(running via pptpd) and I have to add the lines below to make it work.
plugin winbind.so
ntlm_auth-helper "/usr/bin/ntlm_auth --helper-protocol=ntlm-server-1"
Now, that allows ALL
2014 Sep 15
1
Multiple Domains/Winbinds, ntlm_auth/wbinfo issue
Ok I'm at a loss, I have 2 instances on winbindd / smbdd / nmbdd running (basically copied to install from samba-multiple-domains.blogspot .com but with my domains and ip's)
But the issue I have is that even though both domains joined, and I can see all the winbinds and smbs running, and no errors in the logs, it appears that wbinfo / ntlm_auth only work with one of the units, no matter
2024 Jan 22
1
ntlm_auth not returning "STATUS_OK"
I have scripts that runs ntlm_auth. Before upgrading my DC to 4.18.9 I would
get text string output from the ntlm_auth command. For example:
STATUS_NO_SUCH_USER
NT_STATUS_WRONG_PASSWORD
STATUS_OK
My script(s) look for these strings.
Now with the new Samba, the first two strings are output as usual in the case of
non-existant user and invalid password, respectively, but if the user/pw is OK
it
2024 Jan 27
1
ntlm_auth not returning "STATUS_OK"
On 27-01-2024 11:56, Rowland Penny via samba wrote:
> On Fri, 26 Jan 2024 22:22:49 -0500
> Mark Foley via samba<samba at lists.samba.org> wrote:
>
>> On Wed Jan 24 05:03:25 2024 Rowland Penny via samba
>> <samba at lists.samba.org> wrote:
>>> On Tue, 23 Jan 2024 17:07:35 -0500
>>> Mark Foley via samba<samba at lists.samba.org> wrote:
2024 Jan 27
2
ntlm_auth not returning "STATUS_OK"
On Fri, 26 Jan 2024 22:22:49 -0500
Mark Foley via samba <samba at lists.samba.org> wrote:
> On Wed Jan 24 05:03:25 2024 Rowland Penny via samba
> <samba at lists.samba.org> wrote:
> >
> > On Tue, 23 Jan 2024 17:07:35 -0500
> > Mark Foley via samba <samba at lists.samba.org> wrote:
> >
> > > On Mon Jan 22 11:00:59 2024 Mark Foley via samba
2020 Jul 08
3
ntlm_auth how to get challenge and nt-response
Hi all, I'm trying to use ntlm_auth as authenticator of the freeradius
mschap module. If I use ntlm_auth from command line with username and
password, authentication works. If I use the same credentials with
mschap on the logs I can see the challenge and nt-response and I can't
understand if authentication fails because challenge and response are
wrong or because ntlm_auth can't