[Samba] Urgent Samba / Squid NTLM Auth Problems

Dave Raven dave at raven.za.net
Wed Nov 9 19:22:27 GMT 2005 

I have an update on the problem Ian posted about (I am working with him to
solve it)...

The problem is isolated to the use of the
utils/ntlm_auth.c:winbind_pw_check, and libsmb/ntlmssp.c:ntlmssp_server_auth
functions as far as I can tell. When using basic auth, or using the command
line tools available NTLMv2 authentication works fine. 

These are some more indepth error messages seen when trying with a valid
user (an invalid user does infact reply invalid user), and a random valid
password (note: changing to use -basic instead of -ntlmssp results in this
all working perfectly - and I have tried 4 different browsers):

[2005/11/09 21:16:38, 10] utils/ntlm_auth.c:manage_squid_request(1609)
  Got 'YR' from squid (length: 2).
[2005/11/09 21:16:38, 10]
utils/ntlm_auth.c:manage_squid_ntlmssp_request(587)
  got NTLMSSP packet:
[2005/11/09 21:16:38, 10]
utils/ntlm_auth.c:manage_squid_ntlmssp_request(597)
  NTLMSSP challenge
[2005/11/09 21:16:38, 10] utils/ntlm_auth.c:manage_squid_request(1609)
  Got 'KK
TlRMTVNTUAADAAAAGAAYAFoAAAAYABgAcgAAAAoACgBIAAAABAAEAFIAAAAEAAQAVgAAAAAAAACK
AAAABgIAAgUBKAoAAAAPTUFTVEVSTUlORElBTkJMVUNZYu0jXv1m1KFd5vnkrpFlwOJD5420tN0z
XyXbhlZLKwpoe2FSZ5eadsZLxQ1IVOBC' from squid (length: 187).
[2005/11/09 21:16:38, 10]
utils/ntlm_auth.c:manage_squid_ntlmssp_request(587)
  got NTLMSSP packet:
[2005/11/09 21:16:38, 10] lib/util.c:dump_data(2053)
  [000] 4E 54 4C 4D 53 53 50 00  03 00 00 00 18 00 18 00  NTLMSSP. ........
  [010] 5A 00 00 00 18 00 18 00  72 00 00 00 0A 00 0A 00  Z....... r.......
  [020] 48 00 00 00 04 00 04 00  52 00 00 00 04 00 04 00  H....... R.......
  [030] 56 00 00 00 00 00 00 00  8A 00 00 00 06 02 00 02  V....... ........
  [040] 05 01 28 0A 00 00 00 0F  4D 41 53 54 45 52 4D 49  ..(..... MASTERMI
  [050] 4E 44 49 41 4E 42 4C 55  43 59 62 ED 23 5E FD 66  NDIANBLU CYb.#^.f
  [060] D4 A1 5D E6 F9 E4 AE 91  65 C0 E2 43 E7 8D B4 B4  ..]..... e..C....
  [070] DD 33 5F 25 DB 86 56 4B  2B 0A 68 7B 61 52 67 97  .3_%..VK +.h{aRg.
  [080] 9A 76 C6 4B C5 0D 48 54  E0 42                    .v.K..HT .B
[2005/11/09 21:16:38, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(606)
  Got user=[IANB] domain=[MASTERMIND] workstation=[LUCY] len1=24 len2=24
[2005/11/09 21:16:38, 3] utils/ntlm_auth.c:winbind_pw_check(427)
  Login for user [MASTERMIND]\[IANB]@[LUCY] failed due to [Wrong Password]
[2005/11/09 21:16:38, 10]
utils/ntlm_auth.c:manage_squid_ntlmssp_request(605)
  NTLMSSP NT_STATUS_WRONG_PASSWORD


As you can see, it is receiving the domain, workstation and user perfectly.
If I manually run it it seems to work fine as well:

[root at server] ~ # ntlm_auth -d10 --helper-protocol=squid-2.5-ntlmssp
[2005/11/09 21:20:28, 5] lib/debug.c:debug_dump_status(368)
YR
[2005/11/09 21:20:32, 10] utils/ntlm_auth.c:manage_squid_request(1609)
  Got 'YR' from squid (length: 2).
[2005/11/09 21:20:32, 10]
utils/ntlm_auth.c:manage_squid_ntlmssp_request(587)
  got NTLMSSP packet:
TT TlRMTVNTUAACAAAAAAAAADAAAAASAgAAPOox0vgWvkoAAAAAAAAAAAAAAAAwAAAA
[2005/11/09 21:20:32, 10]
utils/ntlm_auth.c:manage_squid_ntlmssp_request(597)
  NTLMSSP challenge



What could be the problem ? I'm willing to anything - even arrange remote
access. Whatever is required...

Thank you
Dave

More information about the samba mailing list