[Samba] problems using auth_ntlm_winbind_module

robert rottermann robert at redcor.ch
Tue Dec 11 07:10:00 GMT 2007 

Hi there,
I am trying to setup up an intranet where I would like to use
auth_ntlm_winbind_module to create a an environment where windows user
are automatically logged into the intranet.

winbind seems to work fine.
at least when I issue
wbinfo -i USER I get a correct answer


my problem is, that when I try to access the intranet I get a "The page
cannot be displayed" error from apache.

however, when I remove the ntlm authentication accessing the intranet
works fine.

any pointer where to start to look for a solution would be greatly
appreciated.

robert

this is the virtual host part of apache config

NameVirtualHost *:80
<VirtualHost *:80>
    #DocumentRoot /srv/www
    ServerAdmin robert at redcor.ch
    ServerName intranettest.zehndergroup.com
    CustomLog     /var/log/httpd/intranet-access.log combined
    ErrorLog      /var/log/httpd/intranet-error.log
    LogLevel debug

    RewriteLog "/var/log/httpd/rewrite_log"
    RewriteLogLevel 2

    <Location "/">
        AuthName "NTLM Authentication thingy"
        NTLMAuth on
        NTLMAuthHelper "/usr/bin/ntlm_auth \
            --helper-protocol=squid-2.5-ntlmssp -d10 -l/root"
        NTLMBasicAuthoritative on
        AuthType NTLM
        require valid-user
    </Location>
    LogLevel debug
    RewriteEngine On

    # Add to virtual host block for testintranet.zehndergroup.com:80
    RewriteRule /(.*)/$
http://127.0.0.1:8080/VirtualHostBase/http/intranettest.zehndergroup.com:80/zehnderi/zehnderi/VirtualHostRoot/$1
[L,P]
    RewriteRule ^/(.*)
http://127.0.0.1:8080/VirtualHostBase/http/intranettest.zehndergroup.com:80/zehnderi/zehnderi/VirtualHostRoot/$1
[L,P]
</VirtualHost>

-----------------------------

this is what I get from apaches error log:

[2007/12/11 07:10:46, 10] utils/ntlm_auth.c:manage_squid_request(2081)
  Got 'YR TlRMTVNTUAABAAAAB4IAogAAAAAAAAAAAAAAAAAAAAAFAJMIAAAAD2==' from
squid (length: 59).
[2007/12/11 07:10:46, 10]
utils/ntlm_auth.c:manage_squid_ntlmssp_request(763)
  got NTLMSSP packet:
[2007/12/11 07:10:46, 10] lib/util.c:dump_data(2283)
  [000] 4E 54 4C 4D 53 53 50 00  01 00 00 00 07 82 00 A2  NTLMSSP. ........
  [010] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [020] 05 00 93 08 00 00 00 0F                           ........
[2007/12/11 07:10:46, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63)
  Got NTLMSSP neg_flags=0xa2008207
    NTLMSSP_NEGOTIATE_UNICODE
    NTLMSSP_NEGOTIATE_OEM
    NTLMSSP_REQUEST_TARGET
    NTLMSSP_NEGOTIATE_NTLM
    NTLMSSP_NEGOTIATE_ALWAYS_SIGN
    NTLMSSP_NEGOTIATE_128
    NTLMSSP_NEGOTIATE_56
[2007/12/11 07:10:46, 10]
utils/ntlm_auth.c:manage_squid_ntlmssp_request(773)
  NTLMSSP challenge

---------------------------------

More information about the samba mailing list