Discussion:
[Samba] Centos 7 & ntlm
Mark Bojara
2016-08-01 18:53:27 UTC
Permalink
Hihi

So I have a really strange problem. I am running Centos 7 with Samba purely
for ntlm_auth against winbind services (squid/radius auth etc). Its been
working fine till we found a strange bug with the ntlm_auth executable.

If the username has a "w" at the end it throws out a syntax error

see below test:

# ./ntlm_auth --username=lblaauw
username must be specified!

Usage: [OPTION...]
--helper-protocol=helper protocol to use operate as a stdio-based
helper
--username=STRING username
--domain=STRING domain name
--workstation=STRING workstation
--challenge=STRING challenge (HEX encoded)
<snip>

# ./ntlm_auth --username=lblaaus
Password:

Ive even gone a far as downloading samba source code and manually compiling
myself a 4.4.5 version.. Both the el7 rpm (4.2.10) and latest code return
the same messages. What am I missing here?

Thanks
Mark
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
mathias dufresne
2016-08-02 09:45:53 UTC
Permalink
That is strange!

We run Centos7 and 4.4.4.

# First test
dc209:~# ntlm_auth --username=mdufresne
Password:
NT_STATUS_OK: Success (0x0)

# sAMAccountName modification
dc209:~# ldbedit -H $sam samaccountname=mdufresne
# 0 adds 1 modifies 0 deletes

# Test with old sAMAccountName
dc209:~# ntlm_auth --username=mdufresne
Password:
NT_STATUS_NO_SUCH_USER: No such user (0xc0000064)

# Test with new username where "w" was added at end:
dc209:~# ntlm_auth --username=mdufresnew
Password:
NT_STATUS_OK: Success (0x0)
dc209:~#
Post by Mark Bojara
Hihi
So I have a really strange problem. I am running Centos 7 with Samba purely
for ntlm_auth against winbind services (squid/radius auth etc). Its been
working fine till we found a strange bug with the ntlm_auth executable.
If the username has a "w" at the end it throws out a syntax error
# ./ntlm_auth --username=lblaauw
username must be specified!
Usage: [OPTION...]
--helper-protocol=helper protocol to use operate as a stdio-based
helper
--username=STRING username
--domain=STRING domain name
--workstation=STRING workstation
--challenge=STRING challenge (HEX encoded)
<snip>
# ./ntlm_auth --username=lblaaus
Ive even gone a far as downloading samba source code and manually compiling
myself a 4.4.5 version.. Both the el7 rpm (4.2.10) and latest code return
the same messages. What am I missing here?
Thanks
Mark
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
barış tombul
2016-08-03 06:03:04 UTC
Permalink
samba -V
4.4.5

[***@mems ~]# ntlm_auth --username=btombul
Password:
NT_STATUS_OK: Success (0x0)

[***@mems ~]# ntlm_auth --username=btombulw
Password:
NT_STATUS_NO_SUCH_USER: No such user (0xc0000064)


your smb.conf ?

..
....
ntlm auth = Yes
lanman auth = No
raw NTLMv2 auth = No
client NTLMv2 auth = Yes
client lanman auth = Yes
server max protocol = SMB3_11
server min protocol = LANMAN1
client max protocol = SMB3_11
client min protocol = CORE
....
...
Post by mathias dufresne
That is strange!
We run Centos7 and 4.4.4.
# First test
dc209:~# ntlm_auth --username=mdufresne
NT_STATUS_OK: Success (0x0)
# sAMAccountName modification
dc209:~# ldbedit -H $sam samaccountname=mdufresne
# 0 adds 1 modifies 0 deletes
# Test with old sAMAccountName
dc209:~# ntlm_auth --username=mdufresne
NT_STATUS_NO_SUCH_USER: No such user (0xc0000064)
dc209:~# ntlm_auth --username=mdufresnew
NT_STATUS_OK: Success (0x0)
dc209:~#
Post by Mark Bojara
Hihi
So I have a really strange problem. I am running Centos 7 with Samba
purely
Post by Mark Bojara
for ntlm_auth against winbind services (squid/radius auth etc). Its been
working fine till we found a strange bug with the ntlm_auth executable.
If the username has a "w" at the end it throws out a syntax error
# ./ntlm_auth --username=lblaauw
username must be specified!
Usage: [OPTION...]
--helper-protocol=helper protocol to use operate as a stdio-based
helper
--username=STRING username
--domain=STRING domain name
--workstation=STRING workstation
--challenge=STRING challenge (HEX encoded)
<snip>
# ./ntlm_auth --username=lblaaus
Ive even gone a far as downloading samba source code and manually
compiling
Post by Mark Bojara
myself a 4.4.5 version.. Both the el7 rpm (4.2.10) and latest code return
the same messages. What am I missing here?
Thanks
Mark
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Loading...