I'm writing some php code and part of it sending an email through smtp server, I used Mail.php from pear but unfortunately I didn't work since the smtp server is using NTLM authentication.Any alternates to Mail.php could solve this problem?
View 1 RepliesOur IT department have NTLM deployed through the intranet servers.I've set network.automatic-ntlm-auth.trusted-uris value in Firefox on some of the Windows machines and that works fine.However setting it in Firefox on the Linux machines is not working.This doesn't surprise me at all, I've no notion of where Firefox on Linux is supposed to get the authentication details from.So how is this process supposed to work? what bits of config / infrastructure am I missing?
View 1 Replies View RelatedI have a squid server currently running with basic authentication. This is a must because we constantly have different people using different machines but the rules must be set per user, not per machine.
We also have a lot of users coming and going. So every time a new user comes to the office I have to manually create a user for him so he can authenticate.
Anyway.. We do not have any windows servers so no Active Directory. But I need some solution to pass the windows login to Squid.
First question: It seems I am using NTLM currently for samba as the person can map their home directories on their windows box withuot authenticating. Why can I not use it for squid?
Second question: Can I make my Centos server into an AD server?
I have a problem with the NTLM proxy we use in school. YAST proxy configuration won't work, it just says authentication error. We have to login with the user in DOMAINuser style and a password, in Firefox it works.
View 6 Replies View RelatedI'm trying to debug the NTLM LWP module.
I added use LWP:ebug qw(+); to the top of my script, but I can't see any change.
I'm on Windows if that makes a difference (installed activeperl).
I know there are probably a million reasons why something perl won't work, but can anyone help me get debug logging showing up?
I'm trying to write a script in Perl to download a file that requires NTLM authentication to access, stored on a machine on this network.The file exists, and can be accessed through a web-browser, btw.
View 1 Replies View RelatedI have a problem I hope someone here can give me some guidance on. I have been looking for ways to do this and so far have come up short. My need is to keep logs of usage of several copiers for billing purposes. The copiers have a built in account code system, with a 999 code limit and will keep the counts, however we have about 12,000 active accounts. Not every account will have usage every month and not every copier needs every account. The last thing I want to have to do is manually update the copier account information every day.
The copiers can authenticate against NTLM (v1 and v2) and "Active Directory" I am told they will happily access LDAP or e-Directory (we are a Novell shop). I dont' want to authenticate users, I want to authenticate "Accounts". I have a MS SQL database that has the "Account information" and my thought was to set up a way to have an LDAP server access the M$ SQL DB (probably a view) to get authentication for the copier to allow the prints and keep the counts. Which I can then import weekly into the accounting system.
So the question is has anyone ever done something like this? Anyone have any idea how best to go about accomplishing this? I guess I could set up an LDAP server separately for the purpose, but it seems I should be able to consolidate things more than that, so that if the account is "Active" it is Authenticated to the copiers If this works well, I will be probably be moving to moving to phone authentication next.
I want to configure NTLM for my Apache webserver, so that it uses active directory login credentials.
Additional info : my listen port will be 82 (http://xxxx.com:82)
I have a problem setting up a SSH tunnel. I know how it's usually done, but the setup is different this time. I am behind a HTTP(S) and FTP proxy, that does NTLM authentication, and I want to access a server beyond the proxy.
MY CLIENT <-> LAN <-> HTTP PROXY <-> INTERNET <-> MY SERVER
So far, the best I have achieved is installing and configuring CNTLM as a local proxy for the authentication part. Using CNTLM, I managed to access and mount a secured (https) DAV share using davfs2. In theory, CNTLM should let me setup permanent tunnels from local ports to distant ports, and it does; however these tunnels don't seem to work for SSH nor for IMAP (another protocol I tried).
I suspect the problem is that neither SSH nor IMAP is HTTP- or FTP-based, but anyway it does not work. So back to square one: how should I proceed to get ssh to connect through the HTTP proxy (with NTLM authentication) to the remote server? For that matter, if there's a better way than SSH to create a tunnel, that would work in my situation, that's OK with me. Just in case, here are the relevant parts from my firewall setup on the server:
Code:
# default policies
iptables -t filter -P INPUT DROP
iptables -t filter -P FORWARD DROP
iptables -t filter -P OUTPUT ACCEPT
# reset
iptables -t filter -F INPUT
iptables -t filter -F FORWARD
iptables -t filter -F OUTPUT
# allow continuation of established connections
iptables -t filter -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t filter -A INPUT -f -j ACCEPT
# allow local connections
iptables -t filter -A INPUT -i lo -j ACCEPT
# open ports:
# ssh
iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT
Yves.
I have a CentOS 5 box that is a web server. When it generates emails, all emails should go out through our Exchange mail server.I believe our Exchange server requires NTLM authentication:
View 1 Replies View RelatedI'm trying to add HTTP authentication to my app (it's a rss reader). As the app is in written in C and uses Libxml2, I've been searching in Libxml2 doc, but it seems it's not possible. Maybe someone could point me to a link to relevant info about how I could achieve that?
View 6 Replies View RelatedI've got an asp page (I can't edit) which I can access with a test user I've setup, however when I try to access to same page via curl, I get the following error:
Code:
<h1> You are not authorized to view this page </h1>
The URL you attempted to reach has an ISAPI or CGI application installed that verifies user credentials before proceeding. This application cannot verify your credentials. There's lots of other text (doubt it's relevant though).
Here's the one liner I'm using:
Code:
curl -A "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" -u myusername:mypassword [URL]
I've done some searching but cant find anything which doesn't suggest rewriting the asp...
Ive been trying to fix my openvpn remote authentication script. I managed to write a script for remote authentication using wordpress db as my base access details storage. However I cannot seem to get past AUTH-FAILED issue. Possible source of conflict might be my database query inside the script which returns nothing. Hope someone with enough knowledge of scripting and database querying can help me here.
here is my vpn_auth.sh:
Code: Code: #!/bin/bash
### Database Informations
DBUSER='dbuser'
DBPASS='dbpass'
[Code]...
I want to configure SSH key-based authentication and SSH password Authentication in same machine for different user .
View 1 Replies View RelatedOn Ubuntu server 10.10, with a relay smtp server with authentication via postfix; I keep getting 535: Incorrect authentication data. I'm sure my username and password is correct. Heres how I set up postfix: I created a file called smarthosts.conf in my /etc/postfix/ directory that contains the following:
[Code].....
my server uses plain text authentication on port 25. I would like to use security like SSL, but this particular server is unsecured.
If I am running a script, let's say a install script. Is there a way to make Su repeat authentication rather then just returning "Authentication failed" and continuing the script?
View 3 Replies View RelatedI need to make a choice on what authentication protocol I want to use for Authentication and Authorization. I was looking at Radius and then literature suggested that Diameter was a better protocol. Keep in mind I need this on a hetrogeneous setup ( linux & windows together). Diameter seemed like a good fit until I discovered that the open source code no longer seems to be maintained ( C/C++).
I was also looking at Kerberos as an option though there is alot overhead with the server. SSL/TLS or EAP? I am looking for simple but secure and am new at the security protocols.
I have a problem with ldap client authentication in ubuntu. I am using rhel5 as openldap server and I configured ubuntu as client, when I am trying to login the following message is coming."su: Authentication service cannot retrieve authentication info. Sorry"
But when I do search through "ldapsearch" command output is coming without any errors, Can anybody explain what would be problem.
I have a network and am using squid proxy with authentication I want to create another subnet without authentication.
View 1 Replies View RelatedHow can I say "yes" to the ssh fingerprint authentication question automatically in my script?
View 10 Replies View RelatedHere is the scenario that I�m facing.I have setup a RHEL5 machine with smb, winbind and krb with ads as the security model. Joined the RHEL machine to the domain.I�m able to see users on the active directory and also able to log-in using SSH which automatically creates a home directory for me (using oddjobd).Two things that I�m trying to achieve are:1.Only users from a certain group on the AD should be allowed to ssh into the RHEL machine.2.Once they ssh in, they should not be able to go to any other directory other than their
View 2 Replies View RelatedI want to set up NIS server. and using NIS wants to authenticate AD (Active Directory ) Users.
e.g 1) how to give rights for windows user using NIS.
2) how to manage windows user on Nis Serrver
3) if password change in windows server that should reflect in NIS Server
provide steps of Setting up NIS server.
Im using FEDORA 12 (constantine )....Everything was working fine.....until yesterday when i tried login to my GUI(gdm) it says authentication failure. so i tried logging in from CLI and it didnt worked either...(it didnt say "password incorrect",rather it it simply reset the screen to "login name:",thats weird...right?)
Then i tried to login as root from from CLI (by default Fedora does not support root login to GUI?) and i was able to login.....
Then it said "System powering down in one minute"............. i didnt understand why that happened.....! but it didnt power down in one minute...
I tried changing my user passwd...still no change.....
I've got a server that was running 11.0 and was set up so that a number of other machines could connect to it via ssh without needing a password by using rsa key authentication. This has worked for a couple of years without problem. I have just progressively upgraded 11.0->11.1, 11.1->11.2 and 11.2->11.3 so now I'm running 11.3 and the above authentication is not working.
My logs show the errors gkr-pam: couldn't get the password from user: Conversation error error: ssh_msg_send: write pam_unix2(sshd:auth): conversation failed error: ssh_msg_send: write
when the automated logins are attempted. Are there any configuration changes that need to be made to get this to work again with 11.3?
Just thought I'd post this in case anyone else is experiencing the same problem. For awhile now, I have been running VirtualBox which was installed by adding the virtualbox.org repository to my apt sources. Starting sometime yesterday, the Update Manager started complaining about key authentication problems, namely:
Code: W: A error occurred during the signature verification. The repository is not updated and the previous index files will be used.GPG error: http://download.virtualbox.org karmic Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 54422A4B98AB5139[URL]..
W: Some index files failed to download, they have been ignored, or old ones used instead. Apparently VirtualBox 3.2 just got released, and it's the first release under the Oracle name (since Oracle's acquisition of Sun). As such, you need to get a new key:
Code:
wget -q http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc -O- | sudo apt-key add -
Problem solved. I then promptly upgraded to 3.2...
how to configure apt-get such that it will ask for authentication (user name and password) each time while accessing the Internet via proxy host, somewhat like sudo command. I don't want my username and password to be saved by apt-get in the apt-get configuration file.
View 2 Replies View RelatedI am running a small ubuntu-server headless machine at home. It is configured with sshd so that I can connect from anywhere (if I have Internet access.)However, there is a thing: I'd like to have good security and disable password authentication, but I also want to be able to connect from a PC that I've never touched before. And no, I'm not prepared to type a 256 bytes password every time I type "sudo ..."
Here is what I thought: I could have a login (pieroxy) that has a moderately strong password and another user (pieroxy-ext) that has a very strong password (100+ chars.) I would use my regular account (pieroxy) whenever I have a key-based authentication and the other one (pieroxy-ext) whenever I have a password-based authentication to do. Then, I'll just su to "pieroxy" and I'm done typing the 100 chars pwd. In order to do that, I would need to be able to configure my machine so that password-based authentication is disabled for all accounts but enabled for my account that has a strong password (pieroxy-ext). Is it possible to disable password-based authentication on a user basis?
i have a nis server and i want it to use it to authenticate users from windows xp clients. is it possible??? if yes how??? i down want to set up a windows ad server.
View 2 Replies View RelatedI'd like to ask one simple question I can't figure out how to solve.I've set up my public key authentication by generating the public key on my Windows box. Copied that into /root/.ssh/authorized_keysDisabled password authentication in /etc/ssh/sshd_config:
#Port 22
#Protocol 2,1
Protocol 2
[code]...
I planned to use Squid on my W2k3 network, because I'm tired of ISA2k6... it's a **** factory in itself. So, I just installed a VM with OpenSuse 11.2 and joined it to my AD W2k3 domain. After correcting the clock problems, everything is running fine except a strange feature that I was not able to solve. After a reboot, I'm not able to login with a domain account. I enter the username/password, choose the domain then it the input fields become grey for 1-2 seconds then the password field is reset and nothing happens. The most strange part comes when you logon with the local root account. You login as root, then logoff and login with any domain account : works like a charm... Kerberos is working fine, systemclock's correct...
View 6 Replies View Related