Title: efw 2.4.1 NTLM Authentication problem Post by: dtruffo on Thursday 16 December 2010, 02:10:19 am Hi all.
I've just enabled NTLM authentication on my EFW 2.4.1 No problems making AD join. No trasparent Proxy enabled, but proxy set on clients. When I create an Access Policy I can see all my domain users ans groups. Opening Firefox from a client it asks for username and passwords. I type them and I start browsing Opening IE8 from a client if asks for username and password, but, even if user/password are corrct (the same I used on Firefox), I cannot get authenticated. 1 - How can I solve in IE ?? 2 - Is there a way to automatically pass username/password of the client (already authenticated in then AD domain) whitout asking everytime credentials ?? I was using Astaro berofe migrating to Endian and automatic authentication was working fine!! Thank You Denis Title: Re: efw 2.4.1 NTLM Authentication problem Post by: wdupreez on Thursday 16 December 2010, 07:54:30 pm Hi Denis
I've had a similar problem a few times - I'm on 2.4. I can't say what the problem is/was, the were similar - I kept getting the dialog to authenticate. As far as I can remember I got it in IE8 and Firefox though. What I did to make it work again was to go through my access policies from the top (I have 7 policies) and edit each one and then save it without making any changes. After saving the last policy, I "Apply" to restart the services. It got me going a few times before. I have "integrated authentication" working on IE and Firefox, i.e. users don't have to type their credentials when they open their browser. I haven’t done anything on Endian side to make this work though. The browser needs to be configured to pass the credentials to the proxy when required. Let me know if you need more detail on doing this. The only times I find the browser showing the authentication dialog is when the user account trying to access the internet is locked out or when a user who is not allowed access to the internet tries to access the internet. Just out of interest, did you install using the 2.4.1 ISO and joined AD immediately, or did you install updates first? Title: Re: efw 2.4.1 NTLM Authentication problem Post by: dtruffo on Thursday 16 December 2010, 09:00:07 pm Thank you very much..
I joined AD without problems after installing from scratch 2.4.1.... Just lucky ??? ::) Can you please give me some informations about configuring IE an Firefox to automatically pass credentials, please !! TY Denis Title: Re: efw 2.4.1 NTLM Authentication problem Post by: nbj on Tuesday 11 January 2011, 11:43:46 pm Hi,
I had the same problem See if you have this error in /var/log/squid/cache.log: "Login for user [domain]\[user]@[CC] failed due to [winbind client not authorized to use winbindd_pam_auth_crap. Ensure permissions on /var/cache/samba/winbindd_privileged are set correctly.]" If so do: chown -R root:squid /var/cache/samba/winbindd_privileged /etc/init.d/winbind restart It worked for me. Regards Title: Re: efw 2.4.1 NTLM Authentication problem Post by: bcarrier on Wednesday 12 January 2011, 03:06:41 am I had the same problem and this worked for me. Thanks nbj
Hi, I had the same problem See if you have this error in /var/log/squid/cache.log: "Login for user [domain]\[user]@[CC] failed due to [winbind client not authorized to use winbindd_pam_auth_crap. Ensure permissions on /var/cache/samba/winbindd_privileged are set correctly.]" If so do: chown -R root:squid /var/cache/samba/winbindd_privileged /etc/init.d/winbind restart It worked for me. Regards |