[clug] NTLM proxy authentication - it's working, it's not

Mike Carden mike.carden at gmail.com
Tue Jul 1 01:38:54 GMT 2008

> My question is: has anyone else had any experience with this
> kind of authentication and can they give me any advice on
> what to do to get my system working with the proxy?

Yeah, a bit. I'm still the third Google hit for 'ntlmaps ubuntu'.

My experience could be summarised as:

1. Yes, use ntlmaps
2. The apt-get (dpkg) default installation in both Debian and Ubuntu
is broken in that the install script doesn't have a low enough default
granularity. I logged this as a bug a long time ago but it hasn't
garnered any love. You need to 'sudo dpkg-reconfigure ntlmaps'
immediately after installing it to enter enough information to get it
to actually work. Or hand edit /etc/ntlmaps/server.cfg if you prefer
but dpkg-reconfigure is faster.
3. Set yourself some sort of reminder to stop ntlmaps before you
change your Windows password or it will silently keep logging in with
your old password and disable your account. This is a right bugger if
you use several machines and forget that one still updates itself via
ntlmaps with your old password and effectively kills your account with
no explanation. It's fun telling the Windows admins why you keep
locking yourself out too.

IIRC you use one o' them rpm based distros and maybe ntlmaps works
fine under them. Come to think of it, I set it up on the Suse laptop
last week via the sourceforge tarball and it worked okay after hand
editing the config.

I've found that the main use I have for it is to get apt-get working
because, as you say, Firefox plays nice via its own proxy settings.
Possibly a better workaround for apt-get is to choose ftp based
repositories and sidestep the MS proxy. Allegedly.


More information about the linux mailing list