Riaan's SysAdmin Blog

My tips, howtos, gotchas, snippets and stuff. Use at your own risk!

LDAP

Windows 7 Samba and Squid Authentication Issue

With advances in Samba authentication, the squid proxy can use Active Directory authentication.

In addition MS Internet Explorer can use the “Integrated Security” feature which means no password box popping up when accessing the Internet.  In my case Windows 7 authentication was not working through a squid proxy.  Meaning samba authentication was not working.

Below it the fix for Windows 7 clients.

Root cause as shown in /var/log/samba/log.wb-YOUR_DOMAIN:

[2009/05/29 10:18:11, 0] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1763)
winbindd_pam_auth_crap: invalid password length 24/300

 

Fix on Windows 7 client:

  1. Control Panel > System and Security  > Administrative Tools
  2. Open, Local Security Policy Computer Management
  3. Local Policies > Security Options > Network Security: LAN Manager Authentication level Properties
  4. Set to "Send LM & NTLM - use NTLMv2 session security if negotiated
    *** Might be set to Not Defined at first

admin

Bio Info for Riaan