[Samba] RE: TOSHARG: Samba ADS domain membership notes

Andrew Bartlett abartlet at samba.org
Thu Oct 14 08:36:03 GMT 2004

On Wed, 2004-10-13 at 23:40, John H Terpstra wrote:
> Jeremy,
> Thanks for this feedback. I will include this info as soon as  I get a
> moment. Good work.

> >
> > It also failed when using the ntlm_auth helper (with basic or NTLM
> > authentication).  I found out this is because neither wbinfo or
> > ntlm_auth support NTLMv2, and I had this setting in my Security
> > Policy:
> >
> >   Network security: LAN Manager authentication level = Send NTLMv2
> > response only\refuse LM & NTLM
> >
> > I configured Squid for NTLMv2 (ntlm_auth
> > --helper-protocol=squid-2.5-ntlmssp) authentication and that worked
> > fine.  I could have saved a lot of time had I realized the other tools
> > would never work.

It was nothing more than a bug - I'm sorry for the delay in getting it
fixed.  The changes are in current SVN, which will be 3.0.8.

You will need to set 'client ntlmv2 auth = yes'.

Andrew Bartlett

Andrew Bartlett                                 abartlet at samba.org
Authentication Developer, Samba Team            http://samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20041014/eb91f337/attachment.bin

More information about the samba mailing list