ntlm_auth issue

View: New views

2 Messages — Rating Filter: Alert me

ntlm_auth issue

by Hendrik Suantio :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Hi All,

I am trying to implement ntlm_auth with Windows 2003 AD.
Environment :
- Centos 5.3
- Squid 2.6 STABLE 21
- Samba 3
- Kerberos 5

After configuring everything according to this :
http://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActiveDirecto
ry
I got this error :

[2009/11/01 15:36:11, 0] libads/sasl.c:ads_sasl_spnego_bind(330)
kinit succeeded but ads_sasl_spnego_krb5_bind failed: Invalid
credentials
Failed to join domain: Invalid credentials

Anyone ever facing the same problem or have any idea about this error?
I cannot join Linux box the AD.
FYI, kinit, net ads info and klist success (ticket acquired).

Thank you for your attention.

Best Regards,
Hendrik Suantio

RE: ntlm_auth issue

by Joseph L. Casale :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

>After configuring everything according to this :
>http://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActiveDirectory
>I got this error :
>
> [2009/11/01 15:36:11, 0] libads/sasl.c:ads_sasl_spnego_bind(330)
> kinit succeeded but ads_sasl_spnego_krb5_bind failed: Invalid
>credentials
> Failed to join domain: Invalid credentials
>
>Anyone ever facing the same problem or have any idea about this error?
>I cannot join Linux box the AD.
>FYI, kinit, net ads info and klist success (ticket acquired).

Well, starting with the obvious, how are you formatting the username you are
presenting? Do you have control over AD, are there any configuration settings
changed from the default such as those relating to locking it down?

Also, there is a much simpler approach here:
http://wiki.squid-cache.org/ConfigExamples/Authenticate/NtlmCentOS5