+ Post New Thread
Results 1 to 14 of 14
*nix Thread, MRBS + NTLM Authentication in Technical; Just been going through a test install of MRBS on linux (debian sarge, 2.4 kernel) and im having trouble getting ...
  1. #1

    Join Date
    Sep 2005
    Posts
    143
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    19

    MRBS + NTLM Authentication

    Just been going through a test install of MRBS on linux (debian sarge, 2.4 kernel) and im having trouble getting MRBS to recognise the windows users.
    Doing wbinfo -g and -u gives the users/groups of our domain (i had trouble getting it to list the correct domain - it kept listing our admin domain and wouldnt list our curriculum - but its working now - no idea why )
    Anyway, when i book out a room for one period and then go back into the booking and see who is under 'Created by' its blank!
    What have i missed?
    Ive changed the config as suggested in the docs.
    $auth["session"] = "nt"
    $auth["type"] = "none"

  2. #2
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    5,002
    Thank Post
    120
    Thanked 282 Times in 260 Posts
    Rep Power
    108

    Re: MRBS + NTLM Authentication

    oops was getting the parameters mixed up ops: ignore if you read before :P

    Thats the config I use but im using a windows box for MRBS.

  3. #3

    webman's Avatar
    Join Date
    Nov 2005
    Location
    North East England
    Posts
    8,406
    Thank Post
    639
    Thanked 961 Times in 661 Posts
    Blog Entries
    2
    Rep Power
    324

    Re: MRBS + NTLM Authentication

    Have you tried wbinfo -a username%password where username and password is a valid account? If that succeeds then it may be an MRBS and/or PHP configuration issue.

  4. #4

    Join Date
    Sep 2005
    Posts
    143
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    19

    Re: MRBS + NTLM Authentication

    hhlinux:~# wbinfo -a stafftest%password
    plaintext password authentication failed
    error code was NT_STATUS_NO_SUCH_USER (0xc0000064)
    error messsage was: No such user
    Could not authenticate user stafftest%R0ther with plaintext password
    challenge/response password authentication failed
    error code was NT_STATUS_NO_TRUST_SAM_ACCOUNT (0xc000018b)
    error messsage was: No trusted SAM account
    Could not authenticate user stafftest with challenge/response

    hhlinux:~# wbinfo -u | grep stafftest
    HHDOMAIN\stafftest

  5. #5

    webman's Avatar
    Join Date
    Nov 2005
    Location
    North East England
    Posts
    8,406
    Thank Post
    639
    Thanked 961 Times in 661 Posts
    Blog Entries
    2
    Rep Power
    324

    Re: MRBS + NTLM Authentication

    What is your smb.conf's "winbind use default domain"? It should be set to 'yes'.

  6. #6

    Join Date
    Sep 2005
    Posts
    143
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    19

    Re: MRBS + NTLM Authentication

    That wasnt in the smb.conf - it is now and still the same error.
    Annoying!

  7. #7

    webman's Avatar
    Join Date
    Nov 2005
    Location
    North East England
    Posts
    8,406
    Thank Post
    639
    Thanked 961 Times in 661 Posts
    Blog Entries
    2
    Rep Power
    324

    Re: MRBS + NTLM Authentication

    Quote Originally Posted by Frazer
    That wasnt in the smb.conf - it is now and still the same error.
    Annoying!
    Have you restarted all the sambe daemons (winbindd, smbd, nmbd)?

  8. #8

    Join Date
    Sep 2005
    Posts
    143
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    19

    Re: MRBS + NTLM Authentication

    Yeh did all that. Im not in now till jan 6th but if you can think of anything else please post

  9. #9
    linuxgirlie's Avatar
    Join Date
    Jul 2005
    Location
    Kent
    Posts
    340
    Thank Post
    106
    Thanked 33 Times in 18 Posts
    Rep Power
    31

    Re: MRBS + NTLM Authentication

    I have mine authing with samba, but problems at the moment include everyone can login not just staff, I know its an add-on problem, but if anyone knows a way for apache to pick up the samba groups that would be great.

    Jo

  10. #10

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: MRBS + NTLM Authentication

    here's the relevent snippet from the config.inc.php

    Code:
    ###############################################
    # Authentication settings - read AUTHENTICATION
    ###############################################
    $auth["session"] = "http"; # How to get and keep the user ID. One of
                              # "http" "php" "cookie" "ip" "host" "nt" "omni".
    $auth["type"] = "ext"; # How to validate the user/password. One of "none"
                              # "config" "db" "pop3" "imap" "ldap" "nis" "nw" "ext".
    
    # 'session_http' configuration settings
    $auth["realm"]  = "mrbs";
    
    # 'auth_ext' configuration settings
    $auth["prog"]   = "/usr/bin/ntlm_auth";
    $auth["params"] = "--username=#USERNAME# --password=#PASSWORD# --require-membership-of=MRBSUsers";
    The important bit being that last line.

  11. #11


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339

    Re: MRBS + NTLM Authentication

    @linuxgirlie

    Not necessarily related to mrbs (not used it) but you can authenticate apache to any LDAP server (inc Active Directory or an LDAP backend to samba) to do group authentication.
    see mod_auth_ldap for details

  12. #12
    Joedetic's Avatar
    Join Date
    Jan 2006
    Location
    Walsall
    Posts
    1,316
    Thank Post
    6
    Thanked 13 Times in 13 Posts
    Rep Power
    22

    Re: MRBS + NTLM Authentication

    I've set up MRBS to ask for the wibind auth as above.

    It's doing it...it's all setup and asking for authentication.

    I try to authenticate but it falls over.

    My questions are:

    1/ What do i need to do to the samba users configuration stuff
    2/ How do i set access levels of users in AD
    3/ Do i need to specify the OUs etc as per the LDAP config in the config.inc.php?

    Thanks,
    Joe (with head in hands having hoped to have this done today)

  13. #13

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: MRBS + NTLM Authentication

    1) Nothing.
    2) Users in the named group can create bookings. Others cannot.
    3) No

    Your authentication is likely failing because the machines time is too far off the time set on the domain. Use an NTP daemon to keep it in sync.

  14. #14
    Joedetic's Avatar
    Join Date
    Jan 2006
    Location
    Walsall
    Posts
    1,316
    Thank Post
    6
    Thanked 13 Times in 13 Posts
    Rep Power
    22

    Re: MRBS + NTLM Authentication

    We've decided to go with the MS exchange option because i've got myself a paid job (finally) and it needs to be something that the other techies can manage efficiently.

    The job is data entry for Carillion in Birmingham for a week so i need to go in tommorow and this wont be finished in time. But they said the contract will lead to other jobs possibly in 1st line ICT support...which is what i'm used to so that'll be nice

SHARE:
+ Post New Thread

Similar Threads

  1. Moodle & NTLM Authentication
    By alan-d in forum Virtual Learning Platforms
    Replies: 12
    Last Post: 15th December 2009, 02:19 PM
  2. MRBS help
    By niknik in forum Web Development
    Replies: 0
    Last Post: 29th August 2007, 03:00 PM
  3. MRBS Help!
    By adamf in forum Network and Classroom Management
    Replies: 1
    Last Post: 22nd April 2007, 09:48 PM
  4. Replies: 6
    Last Post: 27th February 2007, 08:00 PM
  5. MRBS
    By j17sparky in forum Web Development
    Replies: 6
    Last Post: 17th November 2006, 03:11 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •