On 2/10/2013 8:11 a.m., Aecio Alves wrote:
Good afternoon!
Is there an alternative integrated authentication squid with Samba4,
and NTLM?
I need to do that authentication is integrated with Windows
authentication, when the user makes a log on the domain.
Squid supports this kind of integration with Samba4?
I've done it with version 3 of the Samba.
What information do you need to help me?
Can anyone help me?
Possibly the Samba team can. There have been a number of people finding
sudden problems after only upgrading Samba and thus the ntlm_auth helper
that comes from it.
This is all that has been reported or identified about it so far:
Hi.
Recently I stepped on a bug in ntlm_auth helper from samba4 suite,
guys in the samba team confirmed the possible bug with string
formatting and possibly a missing '\0' delimiter at some point and
requested more info, but in the same time they seem not being in the
mood of explaining how to use ntlm_auth with two protocols -
squid-2.5-ntlmssp/ntlmssp-client-1. The only thing I understood - is
that using these two protocols it's possible to debug the
authentication sequence, but I lack the documentation. I hope you guys
could point me at right direction.
Thanks.
Eugene.
As you may be aware Squid is a community project. So unless someone is
able to spend the time digging deeper this is likely where things will stay.
Not that this will solve the problem of Samba4 NTLM being a bit broken
anyone still using NTLM needs to be aware of and take a good think about
this article:
http://blogs.technet.com/b/authentication/archive/2006/04/07/ntlm-s-time-has-passed.aspx
Amos
