similar to: winbind question. (challenge/response password authentication)

Hai,   Since im still having problems reading the man smb.conf about the NTLM settings, im asking here. How do i allow NTLM auth for my proxy.   I have been playing around with :           client NTLMv2 auth         raw NTLMv2 auth         ntlm auth         lanman auth   i’ve added the proxy user to the winbind_privileged group. and did set the needed rights. chgrp winbindd_priv

Hai,   I noticed something strange in the keytab file on my member server. This is a followup of : [Samba] winbind question. (challenge/response password authentication) Samba 4.5.3 on Debian Jessie.   Leave the domain. net ads leave -k Deleted account for 'PROXY2' in realm 'REALM'   I checked in windows, and the computer is gone in the “Computer” ou.   Removed the

Hi, I am running squid and samba to auth users against a 2003 domain. My squid setup is something like this: auth_param ntlm program /usr/local/libexec/squid/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param ntlm children 2 auth_param basic program /usr/local/libexec/squid/ntlm_auth

Hello: I have a squid3 with aunteticacion ntlm integrated to samba4 but in workstations with windows 8.1 constantly asked for the username and password and it does not let the user navigate, use debian 8 + samba 4.7.7, no idea because that happens in client with windows 7 works well. smb.conf workgroup = MYDOMINIO security = ads netbios name = srv-proxy server string = Servidor Proxy de

Hi, I'm having trouble realizing a krb5auth with pam_winbind with trusted domain users (external trust) on our clients. The client is joined to a local domain, which has a "external trust" to a global domain. The following things are working for all users (local and trusted domain): "wbinfo -i" "wbinfo --pam-logon" "wbinfo -a" "kinit"

Hi Folks, We have samba(4.8) deployed with following key parms security = ADS realm = TEST client NTLMv2 auth = No ntlm auth = disabled We have a win2k user configured as a "Protected User" (https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/how -to-configure-protected-accounts) When this user tries to connect to samba/winbind, we get

On 16/04/16 21:09, L.P.H. van Belle wrote: > New update. > > > > I now have done about 6 machines. > > 2 with samba 4.2.10 work fine, 2 not. > > 1 with samba 4.3.7 works fine, 1 not. > > > > I saw Jelmer updated the samba to 4.3.8 in sid, so i recompiled these to jessie. > > I upgraded the 4.3.7 to 4.3.8 Hi Louis, debian 4.2.10 is the same as

Here's the keytab info: ubuntu at kvm7246-vm022:~/samba$ sudo klist -ek /etc/krb5.keytab Keytab name: FILE:/etc/krb5.keytab KVNO Principal ---- -------------------------------------------------------------------------- 12 host/kvm7246-vm022.tc83.local at TC83.LOCAL (etype 1) 12 host/KVM7246-VM022 at TC83.LOCAL (etype 1) 12 host/kvm7246-vm022.tc83.local at TC83.LOCAL (etype 3) 12

Hai, > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Andreas Hauffe via samba > Verzonden: dinsdag 22 augustus 2017 11:26 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Winbind with krb5auth for trust users > > Hi, > > thanks for the fast answer. > > All DCs (local and trusted domain) running on

Hi, We are having problems setting up a squid cache server to use NTLMv2 authentication to authenticate users against AD. We have narrowed the problems down to being a problem between samba and squid when using NTLMv2. It constantly moans about the password being wrong when using squid, but doing a direct samba auth works fine. We have (believedly) narrowed it down to this: the domain requires

Hello All, I am at the switch from sssd to winbind based samba domain members (Debian 9 stretch). I am using Samba 4.10.2 packages from Louis ( http://apt.van-belle.nl/ ) and rid backend for idmap. *My problem:* I am able to logon to my domain members using winbind_pam as long as my client is connected to a network where a domain controller is reachable. As soon as I shutdown and connect a

I have samba 3.0.14-5 installed (installed via Fedora Core 4's Yum) I have enabled "client NTLMv2 auth = yes" in smb.conf When I run "ntlm_auth --username=user --domain=MYDOM" it connects fine (change user and MYDOM to be my user and my domain) When I run "ntlm_auth --username=user --domain=MYDOM --diagnostics" it fails on all tests with "wrong password"

Hai, It does not happen often but yes, i also need some help as i cant know everything also and im new with freeradius. Im working on a configuration for samba member + freeradius with ntlm_auth. Why ntlm_auth, because the next one is kerberos and ldap auth to configure.. I want to have some fallback options here and you have to start somewhere. This is running on my new proxy/gateway

Hi all. I?m trying to understand a weird authentication failure: I have two domains (TC83.LOCAL and TC84.LOCAL), each in a diferent forest, with a bidirectional forest trust. The samba server kvm7246-vm022.maas.local is a domain member of TC83 and is running a recent build from git master (f38077ea5ee). When I test authentication of users in each domain by running ntlm_auth on the samba server,

Ok some new info. Yesterday file server worked, print server not. Today, both dont work. Same test today, proxy1 and proxy2. Proxy1 didnt work, proxy2 did ( at that time 4.3.6) I upgraded (to 4.3.8) proxy2, tested again, still working. Ok, now this proxy 2 is an vm ( a copy of proxy1 ), so lets try something.. I remove proxy2 from the ad domain (proxy1 is our main proxy) so this one is

Hi, I set up a samba 4 in Debian 9.9 as a Domain member server, but authentication is not working as follows: root at srv-proxy:/etc/samba# wbinfo -a marcio at EMPRESA.COM.BR Enter marcio at EMPRESA.COM.BR's password: plaintext password authentication succeeded Enter marcio at EMPRESA.COM.BR's password: challenge/response password authentication failed wbcAuthenticateUserEx(+marcio at

I am trying to get FreeRADIUS using Samba's ntlm auth for MSCHAPv2 authentication. I asked this question over on the FreeRADIUS list, and I think the stunned silence means that the folks over there think you guys in the Samba world may be able to help better. I admit it's been a few years since I did any Samba! I have joined my two RADIUS servers (FreeRADIUS 2.0.2, Solaris 10 x86,

Hi all I'm not sure whether to go to the ppp lists for this, or the samba lists. I thought I'd try here first. I have a linux firewall using winbind to authenticate users coming in with PPTP. It all seemed to work OK at first. After a while I noticed that authentication was denied to users who had previously (as in less than a day) authenticated successfully. After a day or so of

On Mon Jan 22 11:00:59 2024 Mark Foley via samba <samba at lists.samba.org> wrote: > > I have scripts that runs ntlm_auth. Before upgrading my DC to 4.18.9 I would > get text string output from the ntlm_auth command. For example: > > STATUS_NO_SUCH_USER > NT_STATUS_WRONG_PASSWORD > STATUS_OK > > My script(s) look for these strings. > > Now with the new

Hi Rowland, On Wed, Nov 08, 2017 at 12:12:20PM +0000, Rowland Penny wrote: > On Wed, 8 Nov 2017 12:43:16 +0100 > Ervin Hegedüs <airween at gmail.com> wrote: > > > > You would be better using the DCs ipaddress rather than '127.0.0.1'. > > > You should also remove '10.10.0.1' it doesn't seem to be a DC. > > > > yes, that's the