[Samba] NTLM and Samba domain - problem with (non-local) logons.
Pawel Sawicki
pawel.sawicki at pawel-sawicki.com
Wed Dec 7 12:00:15 GMT 2005
Hello!
I have a quite strange issue with the Samba based NT domain that I administer.
I've triet to search for the solution but none of the information that I had
found seemed to work.
The trouble is that I can't manage to setup a ntlm based authentication. It
applies to both linux and w32 architectures. In the latter case I achieve
some level of usability - I can login locally. If I try to access the page
from a remote computer I receive the usual "Basic" authentication popup.
Samba is configured to keep all the information in a LDAP backend. Apart
from the NTLM everything else works rather ok.
Things that do function:
1. Local testing.
[root@?~]# read -s PASSWORD
[root@?~]# ntlm_auth --username=manthios --password=$PASSWORD
NT_STATUS_OK: Success (0x0)
2. w32-apache + mod_auth_sspi - LOCAL
As I mentioned before I'm able to authenticate to a ntlm-protected resource if
and only if I login from the same machine the site is running on. If I try to
access the ntlm-protected page from a different computer I get the Basic auth
prompt.
Things that do not work:
1. NTLM on Apache in the Linux environment
No matter whether I try to use mod_ntlm (both original and patched) or
Apache2::AuthenNTLM I can't force it to work properly with the MSIE on domain
accounts.
2. Remote authentication with mod_auth_sspi
If I try to login remotely to a ntlm-protected area I get the basic
authentication window.
Does anyone know what could be the reason of such a misbehaviour?
Thanks in advance for any sort of help - even RTFM will do :)
Best regards,
Pawel Sawicki
More information about the samba
mailing list