[Samba] ntlm_auth for domain group members only

Kerese Peter do at ww55.hu
Wed Apr 25 11:15:27 GMT 2007


Hello,

I got a problem with ntlm_auth version 3.0.21b - I'd like to use it to
authenticate successfully the members of a specified groups only by using
the --require-membership-of option. I've been created a group in windows
2000 ADS and let one user be member of it.

When I try to use specify the group by its name:

ntlm_auth --helper-protocol=squid-2.5-basic --domain DOMAIN2
--require-membership-of='DOMAIN2\groupname'
user password
[2007/04/25 13:03:50, 0] utils/ntlm_auth.c:get_require_membership_sid(230)
  Could not parse DOMAIN2\groupname into seperate domain/name parts!
ERR

If I specify the group with the SID:

 ntlm_auth --helper-protocol=squid-2.5-basic --domain DOMAIN2 
--require-membership-of='S-2-5-21-1174442222-111222401481-452224464-9714'
user password
ERR

It's all what I see. I specified debug and log options but it wasn't more
verbose.

Could you give me some ideas what should I modify/check to make it work,
please?

Thanks in advance for responses
Best Regards
-- 

Peter



More information about the samba mailing list