Problem with mod_auth_ntlm_winbind
nils.kloth at hauni.com
nils.kloth at hauni.com
Wed Jul 4 16:42:26 GMT 2007
Hello,
I don't get mod_auth_ntlm_winbind working.
I've followed: <http://adldap.sourceforge.net/mod_auth_ntlm_winbind.php> winbindd is running, and ntlm_auth seems to work:
ntlm_auth --username=kloth
password:
NT_STATUS_OK: Success (0x0)
I am using the following apache config:
<Directory "/srv/www/htdocs/intranet">
Options +FollowSymLinks -Indexes
AllowOverride All
Order deny,allow
AuthName "HAUNI Intranet Login: Bitte mit dem Windows Benutzernamen und Kennwort anmelden"
NTLMAuth on
NegotiateAuth on
NTLMBasicAuthoritative on
NTLMAUTHHelper "/usr/bin/ntlm_auth -d10 --diagnostics --helper-protocol=squid-2.5-ntlmssp"
NegotiateAuthHelper "/usr/bin/ntlm_auth -d10 --diagnostics --helper-protocol=gss-spnego"
AuthType NTLM
AuthType Negotiate
Allow from 149.242.6.0/23
Allow from 127.0.0.1
Allow from 149.242.45.72
Deny from all
Require valid-user
Satisfy Any
</Directory>
if i try to open the site via IE6 i got the following error_log output:
Don't mind
[Wed Jul 04 18:12:25 2007] [debug] mod_auth_ntlm_winbind.c(704): [client 149.242.98.209] Dies ist die Laenge 8192
[Wed Jul 04 18:12:25 2007] [debug] mod_auth_ntlm_winbind.c(737): [client 149.242.98.209] Wir sind hier
these is some additional debuginfo from me.
[Wed Jul 04 18:37:24 2007] [debug] mod_auth_ntlm_winbind.c(1021): [client 149.242.98.209] doing ntlm auth dance
[Wed Jul 04 18:37:24 2007] [debug] mod_auth_ntlm_winbind.c(482): [client 149.242.98.209] Launched ntlm_helper, pid 4986
[Wed Jul 04 18:37:24 2007] [debug] mod_auth_ntlm_winbind.c(652): [client 149.242.98.209] creating auth user
[Wed Jul 04 18:37:24 2007] [debug] mod_auth_ntlm_winbind.c(703): [client 149.242.98.209] parsing reply from helper to YR TlRMTVNTUAABAAAAB7IAogUABQAuAAAABgAGACgAAAAFAJMIAAAAD0tQMjk2OEhBVU5J\n
[Wed Jul 04 18:37:24 2007] [debug] mod_auth_ntlm_winbind.c(704): [client 149.242.98.209] Dies ist die Laenge 8192
[2007/07/04 18:37:24, 5] lib/debug.c:debug_dump_status(391)
INFO: Current debug levels:
all: True/10
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
idmap: False/0
quota: False/0
acls: False/0
locking: False/0
msdfs: False/0
dmapi: False/0
[2007/07/04 18:37:24, 10] utils/ntlm_auth.c:manage_squid_request(2081)
Got 'YR TlRMTVNTUAABAAAAB7IAogUABQAuAAAABgAGACgAAAAFAJMIAAAAD0tQMjk2OEhBVU5J' from squid (length: 71).
[2007/07/04 18:37:24, 10] utils/ntlm_auth.c:manage_squid_ntlmssp_request(763)
got NTLMSSP packet:
[2007/07/04 18:37:24, 10] lib/util.c:dump_data(2225)
[000] 4E 54 4C 4D 53 53 50 00 01 00 00 00 07 B2 00 A2 NTLMSSP. ........
[010] 05 00 05 00 2E 00 00 00 06 00 06 00 28 00 00 00 ........ ....(...
[020] 05 00 93 08 00 00 00 0F 4B 50 32 39 36 38 48 41 ........ KP2968HA
[030] 55 4E 49 UNI
[2007/07/04 18:37:24, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63)
Got NTLMSSP neg_flags=0xa200b207
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_NEGOTIATE_OEM
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED
NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_56
[2007/07/04 18:37:24, 10] utils/ntlm_auth.c:manage_squid_ntlmssp_request(773)
NTLMSSP challenge
[2007/07/04 18:37:24, 2] utils/ntlm_auth.c:manage_squid_request(2075)
Oversized message
ERR
[2007/07/04 18:37:24, 10] utils/ntlm_auth.c:manage_squid_request(2081)
Got '*' from squid (length: 103).
[2007/07/04 18:37:24, 1] utils/ntlm_auth.c:manage_squid_ntlmssp_request(750)
NTLMSSP query [*] invalidGot '*' from squid (length: 95).
[2007/07/04 18:37:24, 1] utils/ntlm_auth.c:manage_squid_ntlmssp_request(750)
NTLMSSP query [*] invalidGot '*' from squid (length: 808).
[2007/07/04 18:37:24, 1] utils/ntlm_auth.c:manage_squid_ntlmssp_request(750)
[Wed Jul 04 18:37:24 2007] [debug] mod_auth_ntlm_winbind.c(737): [client 149.242.98.209] Wir sind hier
NTLMSSP query [*] invalidOversized message
ERR
[Wed Jul 04 18:37:24 2007] [debug] mod_auth_ntlm_winbind.c(743): [client 149.242.98.209] got response: TT TlRMTVNTUAACAAAACgAKADAAAAAFgoGijxIrhqQLjLcAAAAAAAAAAHgAeAA6AAAASABBAFUATgBJAAIACgBIAEEAVQBOAEkAAQAMAEsATABTADAANwA4AAQAIABoAGEAdQBuAGkALgBrAG8AZQByAGIAZQByAC4AZABlAAMALgBrAGwAcwAwADcAOAAuAGgAYQB1AG4AaQAuAGsAbwBlAHIAYgBlAHIALgBkAGUAAAAAAA==
[Wed Jul 04 18:37:24 2007] [debug] mod_auth_ntlm_winbind.c(757): [client 149.242.98.209] Wir sind hier not null
[2007/07/04 18:37:24, 2] utils/ntlm_auth.c:manage_squid_request(2075)
[Wed Jul 04 18:37:24 2007] [debug] mod_auth_ntlm_winbind.c(411): [client 149.242.98.209] sending back TlRMTVNTUAACAAAACgAKADAAAAAFgoGijxIrhqQLjLcAAAAAAAAAAHgAeAA6AAAASABBAFUATgBJAAIACgBIAEEAVQBOAEkAAQAMAEsATABTADAANwA4AAQAIABoAGEAdQBuAGkALgBrAG8AZQByAGIAZQByAC4AZABlAAMALgBrAGwAcwAwADcAOAAuAGgAYQB1AG4AaQAuAGsAbwBlAHIAYgBlAHIALgBkAGUAAAAAAA==
Oversized message
ERR
[2007/07/04 18:37:24, 10] utils/ntlm_auth.c:manage_squid_request(2081)
Got '' from squid (length: 261).
[2007/07/04 18:37:24, 2] utils/ntlm_auth.c:manage_squid_request(2084)
Invalid Request
ERR
[2007/07/04 18:37:24, 10] utils/ntlm_auth.c:manage_squid_request(2081)
Got '*' from squid (length: 111).
[2007/07/04 18:37:24, 1] utils/ntlm_auth.c:manage_squid_ntlmssp_request(750)
NTLMSSP query [*] invalidGot 'Ô*' from squid (length: 15).
[2007/07/04 18:37:24, 1] utils/ntlm_auth.c:manage_squid_ntlmssp_request(750)
NTLMSSP query [Ô*] invalidGot '*' from squid (length: 15).
[2007/07/04 18:37:24, 1] utils/ntlm_auth.c:manage_squid_ntlmssp_request(750)
NTLMSSP query [*] invalidGot '*' from squid (length: 14).
[2007/07/04 18:37:24, 1] utils/ntlm_auth.c:manage_squid_ntlmssp_request(750)
NTLMSSP query [*] invalidGot '' from squid (length: 936).
[2007/07/04 18:37:24, 2] utils/ntlm_auth.c:manage_squid_request(2084)
Invalid Request
ERR
[2007/07/04 18:37:24, 10] utils/ntlm_auth.c:manage_squid_request(2081)
Got '*' from squid (length: 111).
[2007/07/04 18:37:24, 1] utils/ntlm_auth.c:manage_squid_ntlmssp_request(750)
NTLMSSP query [*] invalidGot '*' from squid (length: 7).
[2007/07/04 18:37:24, 1] utils/ntlm_auth.c:manage_squid_ntlmssp_request(750)
NTLMSSP query [*] invalidGot '*' from squid (length: 135).
[2007/07/04 18:37:24, 1] utils/ntlm_auth.c:manage_squid_ntlmssp_request(750)
NTLMSSP query [*] invalidGot '*' from squid (length: 136).
[2007/07/04 18:37:24, 1] utils/ntlm_auth.c:manage_squid_ntlmssp_request(750)
NTLMSSP query [*] invalidGot 'Ô*' from squid (length: 77).
[2007/07/04 18:37:24, 1] utils/ntlm_auth.c:manage_squid_ntlmssp_request(750)
NTLMSSP query [Ô*] invalidGot '' from squid (length: 57).
[2007/07/04 18:37:24, 2] utils/ntlm_auth.c:manage_squid_request(2084)
Invalid Request
ERR
[2007/07/04 18:37:24, 10] utils/ntlm_auth.c:manage_squid_request(2081)
Got 'Ô*' from squid (length: 29).
[2007/07/04 18:37:24, 1] utils/ntlm_auth.c:manage_squid_ntlmssp_request(750)
NTLMSSP query [Ô*] invalidOversized message
ERR
[2007/07/04 18:37:24, 2] utils/ntlm_auth.c:manage_squid_request(2075)
Oversized message
ERR
[2007/07/04 18:37:24, 10] utils/ntlm_auth.c:manage_squid_request(2081)
Got '' from squid (length: 111).
[2007/07/04 18:37:24, 2] utils/ntlm_auth.c:manage_squid_request(2084)
Invalid Request
ERR
[2007/07/04 18:37:24, 2] utils/ntlm_auth.c:manage_squid_request(2075)
Oversized message
ERR
[2007/07/04 18:37:24, 10] utils/ntlm_auth.c:manage_squid_request(2081)
Got 'ÿ' from squid (length: 511).
[2007/07/04 18:37:24, 1] utils/ntlm_auth.c:manage_squid_ntlmssp_request(692)
NTLMSSP query [ÿ] invalidOversized message
ERR
[2007/07/04 18:37:24, 10] utils/ntlm_auth.c:manage_squid_request(2081)
Got 'UUU' from squid (length: 55).
[2007/07/04 18:37:24, 1] utils/ntlm_auth.c:manage_squid_ntlmssp_request(750)
NTLMSSP query [UUU] invalidGot 'UUU' from squid (length: 1937).
[2007/07/04 18:37:24, 1] utils/ntlm_auth.c:manage_squid_ntlmssp_request(750)
[Wed Jul 04 18:37:24 2007] [debug] mod_auth_ntlm_winbind.c(1021): [client 149.242.98.209] doing ntlm auth dance
[Wed Jul 04 18:37:24 2007] [debug] mod_auth_ntlm_winbind.c(484): [client 149.242.98.209] Using existing auth helper 4986
[Wed Jul 04 18:37:24 2007] [debug] mod_auth_ntlm_winbind.c(703): [client 149.242.98.209] parsing reply from helper to KK TlRMTVNTUAADAAAAGAAYAGgAAAAYABgAgAAAAAoACgBIAAAACgAKAFIAAAAMAAwAXAAAAAAAAACYAAAABYKAogUAkwgAAAAPSABBAFUATgBJAEsATABPAFQASABLAFAAMgA5ADYAOAC5LMOfzAhKStJ/Smr+lEd/4PlspspyOEydyLZrPod3a6iuw8MyiP0MBK+FwHrAPfM=\n
NTLMSSP query [UUU] invalidOversized message
ERR
[Wed Jul 04 18:37:24 2007] [debug] mod_auth_ntlm_winbind.c(704): [client 149.242.98.209] Dies ist die Laenge 8192
[Wed Jul 04 18:37:24 2007] [debug] mod_auth_ntlm_winbind.c(737): [client 149.242.98.209] Wir sind hier
[Wed Jul 04 18:37:24 2007] [debug] mod_auth_ntlm_winbind.c(743): [client 149.242.98.209] got response: BH
[Wed Jul 04 18:37:24 2007] [error] [client 149.242.98.209] (11)Resource temporarily unavailable: failed to parse response from helper
I read a lot of google entries but i don't get it myself. Did anyone have an idea?
Thank you,
Nils Kloth
More information about the samba-technical
mailing list