Re: NTLM authentication not working

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On 04/11/20 00:53 +0200, Michal Bruncko wrote:
I am trying to use NTLM autentication (using cyrus-sasl-ntlm) for cyrus-imapd server for user authentication.

in imapd.conf:

sasl_ntlm_v2:           yes
sasl_mech_list:         PLAIN NTLM LOGIN is samba 4 AD DC, I have tried also samba 4.2 in NT4 PDC mode, but with same results.

in maillog:

Apr 10 23:32:30 mail cyrus/imaps[10078]: NTLM server step 1
Apr 10 23:32:30 mail cyrus/imaps[10078]: client flags: ffff8207
Apr 10 23:32:33 mail cyrus/imaps[10078]: badlogin: client.example.local [] NTLM [SASL(0): successful result: ]

which corresponds to following samba log messages:

[2020/04/10 23:52:00.583266,  3] ../source3/smbd/process.c:1880(process_smb)
  Transaction 0 of length 51 (0 toread)
[2020/04/10 23:52:00.583359,  3] ../source3/smbd/process.c:1489(switch_message)
  switch message SMBnegprot (pid 28556) conn 0x0
[2020/04/10 23:52:00.586326,  3] ../source3/smbd/negprot.c:576(reply_negprot)
  Requested protocol [NT LM 0.12]
[2020/04/10 23:52:00.586887,  3] ../source3/smbd/negprot.c:377(reply_nt1)
  not using SPNEGO
[2020/04/10 23:52:00.586969,  3] ../source3/smbd/negprot.c:684(reply_negprot)
  Selected protocol NT LM 0.12
[2020/04/10 23:52:00.591116,  3] ../source3/smbd/server_exit.c:249(exit_server_common)
  Server exit (failed to receive smb request)

Hi Michal,

You can increase libsasl's logging with the following in your imapd.conf:

sasl_log_level: 7

See: for
a description of the available log levels. You may need to modify your
syslog configuration to accept more verbose auth.* levels.

Dan White

[Index of Archives]     [Info Cyrus]     [Squirrel Mail]     [Linux Media]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux