[Samba] ntlm_auth doesn`t work with machine accounts
Jérémy Cluzel
j.cluzel at online.fr
Mon Jul 4 13:03:44 GMT 2005
I try tu use ntlm_auth with a freeradius doing peap authentification.
AFAIK, if I want to log my user on a domain, I have to authenticate my
machine before.
I saw many EAP request from my machine using "host/hostname.domain.org"
as Username... that's why I want to authenticate my machine...
Regards,
Jeremy
Andrew Bartlett a écrit :
>On Thu, 2005-06-30 at 21:11 +0200, Jérémy Cluzel wrote:
>
>
>>Hi,
>>
>>I saw your post on the samba ML...
>>I've the same problem... do you find a solution ?
>>Someone told me to rewrite the auth_ntlm... but I think I'm not able to
>>do this..
>>
>>
>
>This isn't to do with ntlm_auth, but either the winbind backend or the
>remote server. I need to see traces, from a modified windows server,
>set to sign (rather than seal) schannel requests to the DC. This should
>give me the information to allow this to work.
>
>I never expected machine accounts to be able to use NTLM authentication,
>as it goes against historical practice.
>
>Andrew Bartlett
>
>
>
More information about the samba
mailing list