Re: [squid-users] Squid NTLM/ADS problem

From: Ben Kelley <bkelley@dont-contact.us>
Date: Mon, 12 Jan 2004 12:29:43 -0600 (CST)

It's the only one on the machine, and it has the same timestamp as the
other samba files from when I did a 'make install' for samba.
So I'm pretty sure it was not overwritten or anything.

On Mon, 12 Jan 2004, Dave Augustus wrote:

> Hello Ben,
>
> Ensure that you are referencing the ntlm_auth that comes with Samba V3.
>
> --Dave
>
>
> On Mon, 2004-01-12 at 09:01, Ben Kelley wrote:
> > Trying to get NTLM/seamless authentication working with IE in domain/AD
> > environment. Have browser set up to use proxy.
> >
> > Basic authentication from a non-M$ machine/browser works fine to the
> > domain.
> > Basic authentication from a M$ machine with Netscape works fine to the
> > domain.
> > Any authentication from a M$ machine with a M$ browser fails.
> >
> > It appears that the NTLM between the client IE and Squid takes place due
> > to seeing the username appearing in the logs (cache.log) as soon as IE is
> > launched, but that authentication is never sent to the Domain Controllers
> > (verified via tcpdump).
> >
> > TESTWKSN
> > - WinXP
> > - IE 6
> > - Netscape 7.0
> >
> > Non M$ Workstation
> > - Solaris 9
> > - Netscape 7.0
> >
> > Proxy Server
> > - FreeBSD 4.9
> > - Samba 3.0.0,1 from ports
> > - Squid 2.5_4 from ports
> >
> > -----------------------------------------------------------------------------------
> > output of 'squid -v'
> >
> > Squid Cache: Version 2.5.STABLE3
> > configure options: --bindir=/usr/local/sbin
> > --sysconfdir=/usr/local/etc/squid --datadir=/usr/local/etc/squid
> > --localstatedir=/usr/local/squid '--enable-storeio=ufs diskd null'
> > '--enable-removal-policies=lru heap' --enable-auth=ntlm,basic
> > '--enable-basic-auth-helpers=NCSA winbind'
> > --enable-ntlm-auth-helpers=winbind
> > '--enable-external-acl-helpers=wbinfo_group winbind_group' --enable-snmp
> > --enable-delay-pools --enable-useragent-log --enable-referer-log
> > --disable-ident-lookups --enable-underscores --prefix=/usr/local
> > i386-portbld-freebsd4.9
> >
> > -----------------------------------------------------------------------------------
> > CACHE.LOG
> >
> > Jan 9 16:10:05 cache02 [2004/01/09 16:10:05, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(286)
> > Jan 9 16:10:05 cache02 user=[TESTUSER1] domain=[TESTDOMAIN] workstation=[TESTWKSN] len1=24 len2=24
> >
> > -----------------------------------------------------------------------------------
> > SQUID.CONF
> >
> > auth_param ntlm program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
> > auth_param ntlm children 5
> > auth_param ntlm max_challenge_reuses 0
> > auth_param ntlm max_challenge_lifetime 20 minutes
> >
> > auth_param basic program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-basic
> > auth_param basic children 5
> > auth_param basic realm Squid proxy-caching web server
> > auth_param basic credentialsttl 2 hours
> >
> > acl AuthorizedUsers proxy_auth REQUIRED
> >
> > http_access allow AuthorizedUsers
> >
> > -----------------------------------------------------------------------------------
> > SMB.CONF
> >
> > security = ads
> > password server = TESTADC0 TESTADC1
> > encrypt passwords = yes
> >
> > idmap uid = 10000-20000
> > idmap gid = 10000-20000
> > winbind enum users = yes
> > winbind enum groups = yes
> >
> > winbind separator = "
> > realm = TEST.COM
> > winbind use default domain = yes
> > workgroup = TESTDOMAIN
> >
> > domain master = no
>
Received on Mon Jan 12 2004 - 11:45:27 MST
