[Samba] ntlm_auth doesn`t work with machine accounts

Jérémy Cluzel j.cluzel at online.fr
Mon Jul 4 13:03:44 GMT 2005


I try tu use ntlm_auth with a freeradius doing peap authentification.
AFAIK, if I want to log my user on a domain, I have to authenticate my 
machine before.
I saw many EAP request from my machine using "host/hostname.domain.org" 
as Username... that's why I want to authenticate my machine...

Regards,

Jeremy

Andrew Bartlett a écrit :

>On Thu, 2005-06-30 at 21:11 +0200, Jérémy Cluzel wrote:
>  
>
>>Hi,
>>
>>I saw your post on the samba ML...
>>I've the same problem... do you find a solution ?
>>Someone told me to rewrite the auth_ntlm... but I think I'm not able to 
>>do this..
>>    
>>
>
>This isn't to do with ntlm_auth, but either the winbind backend or the
>remote server.  I need to see traces, from a modified windows server,
>set to sign (rather than seal) schannel requests to the DC.  This should
>give me the information to allow this to work.
>
>I never expected machine accounts to be able to use NTLM authentication,
>as it goes against historical practice.
>
>Andrew Bartlett
>
>  
>



More information about the samba mailing list