Re: [squid-users] squid ntlm_auth not working against samba PDC version above 3.0.26a

--- El sáb, 4/10/08, Henrik Nordstrom <henrik_at_henriknordstrom.net> escribió:

> De: Henrik Nordstrom <henrik_at_henriknordstrom.net>
> Asunto: Re: [squid-users] squid ntlm_auth not working against samba PDC version above 3.0.26a
> Para: cde_ruylopez_at_yahoo.es
> CC: squid-users_at_squid-cache.org
> Fecha: sábado, 4 octubre, 2008 4:19
> On fre, 2008-10-03 at 14:31 +0000, Juan Miguel Corral wrote:
> > But when I have upgraded those
> > servers to hardy (samba 3.0.28a) and lenny (3.2.3),
> then
> > squid auth has stopped working, without any other
> config change.
> >
> > Squid version I am using are 2.6.STABLE16 and
> 2.7.STABLE3.
> > I am using the ntlm_auth helper thatcomes with squid.
>
> Ouch..
>
> What most likely happened is that later Samba relases has a
> higher
> security level setting, denying LANMAN authentication due
> to it's
> serious crypto flaws..
>
That was the problem. Adding

lanman auth = yes

to smb.conf made the ntlm helper work again.

I also have tried the ntlm_auth from Samba suite, and works great without having the need to use the weak LANMAN authentication, but the stronger NTLMv2.
Received on Wed Oct 08 2008 - 09:54:12 MDT