[Samba] ntlm_auth only supports ntlmv1 and not ntlmv2 ?

Oliver Poths info at linsoft.de
Tue Dec 11 10:02:08 GMT 2007


i set up a squid proxy that should authenticate users against a samba PDC using winbind.
It works fine as long i allow ntlmv1:
on the PDC:
  ntlm auth          = yes
  lanman auth        = no
  client ntlmv2 auth = yes

If i restrict the domains authentication method to ntlmv2 - that's what i want - with these settings:

  ntlm auth          = no
  lanman auth        = no
  client ntlmv2 auth = yes

i get this error in the logs:
  ntlm_password_check: NTLMv1 passwords NOT PERMITTED for user willi
  [2007/11/19 19:41:09, 3] libsmb/ntlm_check.c:ntlm_password_check(356)
    ntlm_password_check: NEITHER LanMan nor NT password supplied for user willi

The proxy denies access of course.

So is this a limitation of ntlm_auth ?
Is it somehow possible to get ntlmv2 working ?
The used Version is winbind package from debian etch 3.0.24-6etch8.

Best Wishes,


LinSoft GmbH
Feldstraße 20
65326 Aarbergen

 Professional Linux Systems and Services 

Sitz : Feldstraße 20, 65326 Aarbergen
Geschäftsführer : Oliver Poths
Registergericht : Wiesbaden HRB 16647

More information about the samba mailing list