Displaying 20 results from an estimated 5000 matches similar to: "ntlm_auth and SMBv2/v3"
2017 Jun 08
4
ntlm_auth and SMBv2/v3
hai,
Please keep it mailing to the list, this way is shows up of others also.
A workaround for disabling SMBv1, you can make your server less secure but thats not what i would do.
Setting these to enable NTLM v1 again.
lanman auth = yes
ntlm auth = yes
raw NTLMv2 auth = yes
I think also this is more a question for the free raduis list, but i would to for a ldap(s) setup.
just dont mixup
2017 Oct 17
3
ntlm_auth and SMBv2/v3
Hello Andrew,
Do you plan to release the patch for "ntlm auth =
mschapv2-only" option soon ?
We need this on order to use freeradius in
a "more safe" scenario than with "ntlm auth = yes"
Best
Regard,
Lulzim KELMENI
Direction des Systèmes d'Information
Mairie de
Saint-Ouen
Le 08/06/2017 21:36, Andrew Bartlett via samba a écrit :
>
On Thu, 2017-06-08 at
2018 Mar 26
4
freeradius + NTLM + samba AD 4.5.x
Hi,
we have updated our samba AD domain from 4.4.x to 4.5.x.
The release notes for 4.5.0 included "NTLMv1 authentication disabled by
default".
So we had to enable it to get our radius (freeradius) server working
(for 802.1x).
What would be the best way to change the freeradius configuration in
such a way,
that we can disable NTLMv1 again.
The radius server is used for WLAN
2017 Sep 03
4
Advice on Winbindd and NTLM Auth Performance
Hi Rowland,
The only thing I'm using is winbindd the smbd and nmbd daemons are disabled.
However I have now found the bottleneck is because freeradius is calling
the ntlm_auth binary and effectively forking out.
The guys at freeradius wrote a direct client libwbclient however their is
no way of specifying the winbind privileged path using that method as it's
hardcoded during compile
2017 Jun 08
0
ntlm_auth and SMBv2/v3
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Arnab Roy via samba
> Verzonden: donderdag 8 juni 2017 14:23
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] ntlm_auth and SMBv2/v3
>
> Hi ,
>
> I just need some clarification ;
>
> We currently use ntlm_auth + winbind for AD auth on
> Freeradius, will
2017 Nov 23
4
Compiling Samba 4.7 with systemd support on Fedora 26
Hi Rowland,
No I am running samba as a member, purely using it for ntlm_auth for
freeradius. If i run it manually i.e. /usr/local/samba/sbin/winbindd -D it
starts up and stays up no issues. Yes selinx is disabled
sestatus
SELinux status: disabled
Any pointers...?
Many Thanks
Arnab
On Thu, Nov 23, 2017 at 8:34 PM, Rowland Penny via samba <
samba at lists.samba.org> wrote:
2017 Sep 01
4
Advice on Winbindd and NTLM Auth Performance
Hi All,
I am using winbind and ntlm auth in Freeradius. At the moment that seems to
be a major bottleneck. It seems like the ntlm_auth execution is taking a
while , what all options can improve this .
For starters adding TCP_NODELAY in smb.conf seems to have helped a little.
Many Thanks
2017 Sep 01
3
Advice on Winbindd and NTLM Auth Performance
Hello Everyone,
Thanks for your inputs I have followed whats here https://wiki.freeradius.
org/guide/Active-Directory-direct-via-winbind . Apart from the different
location for the directories. I have added the recommended options in samba.
However I cannot see why this would make a difference to performance.
The guide for setting up a samba domain member seems more to be aimed at
the whole
2019 Aug 30
6
Samba 4.10.7 + freeradius 3.0.17 +ntlm_auth - Debian buster
Hai,
It does not happen often but yes, i also need some help as i cant know everything also and im new with freeradius.
Im working on a configuration for samba member + freeradius with ntlm_auth.
Why ntlm_auth, because the next one is kerberos and ldap auth to configure..
I want to have some fallback options here and you have to start somewhere.
This is running on my new proxy/gateway
2017 Oct 12
2
Share mounts in SMBv1 mode, but fails weirdly in SMBv2 mode
Hi,
We're slowly deprecating SMBv1 support at work, so I'm trying to mount
our Samba network shares using SMBv2.0. This should in principle be
supported by the server, and seems works well enough for the Windows
clients. But it fails for me with some errors which I do not understand.
Can you help me figure out what's going on? Here's my system
configuration and a quick
2017 Oct 13
5
Share mounts in SMBv1 mode, but fails weirdly in SMBv2 mode
Le 13/10/2017 à 01:46, Jeremy Allison via samba a écrit :
> On Thu, Oct 12, 2017 at 03:58:58PM +0200, Hadrien Grasland via samba wrote:
>> Hi,
>>
>> We're slowly deprecating SMBv1 support at work, so I'm trying to
>> mount our Samba network shares using SMBv2.0. This should in
>> principle be supported by the server, and seems works well enough
>> for
2017 Jun 08
0
ntlm_auth and SMBv2/v3
On Thu, 2017-06-08 at 15:30 +0200, L.P.H. van Belle via samba wrote:
> hai,
>
> Please keep it mailing to the list, this way is shows up of others also.
> A workaround for disabling SMBv1, you can make your server less secure but thats not what i would do.
>
> Setting these to enable NTLM v1 again.
>
> lanman auth = yes
NEVER set this.
> ntlm auth = yes
This
2017 Oct 13
2
Share mounts in SMBv1 mode, but fails weirdly in SMBv2 mode
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Hadrien Grasland via samba
> Verzonden: vrijdag 13 oktober 2017 15:34
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Share mounts in SMBv1 mode, but fails
> weirdly in SMBv2 mode
>
> Hi Louis,
>
> Thanks for your reply!
>
> > This might be a
2023 Apr 06
1
Fwd: ntlm_auth and freeradius
I can share my notes, we authenticate UniFi clients via Freeradius against Samba AD. We also check group membership which you might or might not need:
## 4 FreeRADIUS
### 4.1 Basics
```bash
apt install freeradius freeradius-ldap freeradius-utils
# create new DH-params
openssl dhparam -out /etc/freeradius/3.0/certs/dh 2048
```
### 4.2 Configure Authentication
- modify mschap to use winbind,
2017 May 21
3
NtLm auth with multiple ad domains
Hi ,
Any suggestions on the config I really need to get this working I am on
fedora with samba 4.45 ?
I know their is a probable way of getting this to work but not seen a
complete example anywhere..
I have seen a commercial product which runs centos use samba and Kerberos
across multiple disjoint domains.
Your help would really appreciated.
Many thanks
Arnab
On 21 May 2017 9:34 am,
2016 Apr 15
5
samba 4.4.2 freeradius authentication with ntlm_auth
Hi;
Samba team say "It is recommended that administrators set these additional
options, if compatible with their network environment:"
ntlm auth = no
I use samba with FreeRadius.
I configure "ntlm_ auth = no" but freeradius users not connected to wifi.
I use ntlm_auth in FreeRadius side..
best regards
2023 Apr 12
1
Fwd: ntlm_auth and freeradius
Hello Alexander,
thanks Alexander for these configuration snippets.
Which version of Samba are you using? Is this on debian bullseye? Is the
FreeRADIUS server installed on a DC or on a Domain Member? (I just
tested the latter).
is "ntlm auth = yes" OK for the DCs and the domain member or does it
have to be "mschapv2-and-ntlmv2-only" for all servers (DCs + Member)? It
2023 Apr 12
2
Fwd: ntlm_auth and freeradius
Hi Alexander,
I'm terribly sorry. We didnt have the "ntlm auth" parameter configured
on the DCs at all. I added it and it just works.
Thanks for your help.
Now I just need to figure out how I can make WLAN-specific LDAP-Group
authentication.
e. g. production WLAN needs LDAP group "wlan_production" and management
WLAN needs the "wlan_management" group.
I
2005 Nov 02
1
how to use ntlm_auth
Hi,
I want to know how to use ntlm_auth with ntlm-server-1 and freeradius,
with the users login and password information in ldap.
I have read documentation of ntlm_auth (only found the man page), docs
and howtos about pptp and squid, i don't found about freeradius, and i'm
experimenting with the options of ntlm_auth.
I have configured freeradius+ldap+802.1X for a wireless lan, but i
2023 Apr 03
2
ntlm_auth and freeradius
Op 03-04-2023 om 16:05 schreef Tim ODriscoll via samba:
> Dear All,
>
> I'm trying to setup FreeRADIUS to authenticate a machine account to grant access to wifi for domain-connected machines. I think I've got the GPO's set up properly and the CA deployed to the clients, as I'm not getting any errors there.
>
> The errors I'm getting are to do with ntlm_auth not