[Samba] problems using auth_ntlm_winbind_module
robert rottermann
robert at redcor.ch
Tue Dec 11 07:10:00 GMT 2007
Hi there,
I am trying to setup up an intranet where I would like to use
auth_ntlm_winbind_module to create a an environment where windows user
are automatically logged into the intranet.
winbind seems to work fine.
at least when I issue
wbinfo -i USER I get a correct answer
my problem is, that when I try to access the intranet I get a "The page
cannot be displayed" error from apache.
however, when I remove the ntlm authentication accessing the intranet
works fine.
any pointer where to start to look for a solution would be greatly
appreciated.
robert
this is the virtual host part of apache config
NameVirtualHost *:80
<VirtualHost *:80>
#DocumentRoot /srv/www
ServerAdmin robert at redcor.ch
ServerName intranettest.zehndergroup.com
CustomLog /var/log/httpd/intranet-access.log combined
ErrorLog /var/log/httpd/intranet-error.log
LogLevel debug
RewriteLog "/var/log/httpd/rewrite_log"
RewriteLogLevel 2
<Location "/">
AuthName "NTLM Authentication thingy"
NTLMAuth on
NTLMAuthHelper "/usr/bin/ntlm_auth \
--helper-protocol=squid-2.5-ntlmssp -d10 -l/root"
NTLMBasicAuthoritative on
AuthType NTLM
require valid-user
</Location>
LogLevel debug
RewriteEngine On
# Add to virtual host block for testintranet.zehndergroup.com:80
RewriteRule /(.*)/$
http://127.0.0.1:8080/VirtualHostBase/http/intranettest.zehndergroup.com:80/zehnderi/zehnderi/VirtualHostRoot/$1
[L,P]
RewriteRule ^/(.*)
http://127.0.0.1:8080/VirtualHostBase/http/intranettest.zehndergroup.com:80/zehnderi/zehnderi/VirtualHostRoot/$1
[L,P]
</VirtualHost>
-----------------------------
this is what I get from apaches error log:
[2007/12/11 07:10:46, 10] utils/ntlm_auth.c:manage_squid_request(2081)
Got 'YR TlRMTVNTUAABAAAAB4IAogAAAAAAAAAAAAAAAAAAAAAFAJMIAAAAD2==' from
squid (length: 59).
[2007/12/11 07:10:46, 10]
utils/ntlm_auth.c:manage_squid_ntlmssp_request(763)
got NTLMSSP packet:
[2007/12/11 07:10:46, 10] lib/util.c:dump_data(2283)
[000] 4E 54 4C 4D 53 53 50 00 01 00 00 00 07 82 00 A2 NTLMSSP. ........
[010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[020] 05 00 93 08 00 00 00 0F ........
[2007/12/11 07:10:46, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63)
Got NTLMSSP neg_flags=0xa2008207
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_NEGOTIATE_OEM
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_56
[2007/12/11 07:10:46, 10]
utils/ntlm_auth.c:manage_squid_ntlmssp_request(773)
NTLMSSP challenge
---------------------------------
More information about the samba
mailing list