[Samba] NTLMv2, Samba, and Squid

Darren Maskowitz squitz at gmail.com
Fri Sep 7 21:51:05 GMT 2007

Here is the problem: I'm setting up a new squid proxy server with
authentication via Samba and NTLM because the old one died suddenly.
The new one is up and running and i have it working; mostly. The
kicker is the 2 employees testing Vista (myself and my supervisor)
could not authenticate against the server. I say could because through
a variety of testing and some lucky reading I found the cause of the
problem to be that by default Windows Vista uses NTLMv2 only, and when
I change the setting to LM & NTLM using NTLMv2 for negotiation it all
works. The old proxy server allowed us ot authenticate using NTLMv2,
and that is the goal of this question: what am I missing in my
configuration? Here's a dump of smb.conf taken via a testparm:

        workgroup = EDMCOMPUTRONIX
        realm = COMPUTRONIX.COM
        server string = CX Canada's SQUID Web Proxy
        security = ADS
        password server =
        log file = /var/log/samba/%m.log
        max log size = 500
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        preferred master = No
        domain master = No
        dns proxy = No
        idmap uid = 16777216-33554431
        idmap gid = 16777216-33554431
        winbind separator = +
        winbind enum users = Yes
        winbind enum groups = Yes
        winbind use default domain = Yes

        path = /testshare
        guest ok = Yes

More information about the samba mailing list