Current Setup: Ubuntu Dapper w/Apache 2 & perl and latest AuthenNTLM. This server is connected to an Active Directory Domain at work and has a FQDN that is x4 (machine.something.domain.com ).
Issue: Internet Explorer (6 &7) will not authenticate. Note: FF & Opera will (thus I know that AuthenNTLM is setup correctly) Config: PerlAuthenHandler Apache2::AuthenNTLM AuthType NTLM AuthName "machine.something.domain.com" require valid-user PerlAddVar ntdomain "something.domain.com PDC BDC" PerlSetVar defaultdomain "something" PerlSetVar ntlmauthoritative on PerlSetVar splitdomainprefix 1 PerlSetVar ntlmdebug 2 #PerlSetVar ntlmsemkey 23754 #PerlSetVar ntlmsemtimeout 2 Note: If you look at the snippet from error.log below, you'll notice that in browsers that work, you get "AuthenNTLM: Start NTLM Authen handler pid..." where it's missing in the IE log. Results in /var/log/apache2/error.log when trying to use IE: [7109] AuthenNTLM: Config Domain = something.domain.com pdc = PDC bdc = BDC [7109] AuthenNTLM: Config Default Domain = something [7109] AuthenNTLM: Config Fallback Domain = something.domain.com [7109] AuthenNTLM: Config AuthType = NTLM,basic AuthName = machine.something.domain.com [7109] AuthenNTLM: Config Auth NTLM = 1 Auth Basic = 1 [7109] AuthenNTLM: Config NTLMAuthoritative = on BasicAuthoritative = on [7109] AuthenNTLM: Config Semaphore key = 23754 timeout = 2 [7109] AuthenNTLM: Config SplitDomainPrefix = 1 [7109] AuthenNTLM: Authorization Header <not given> [7110] AuthenNTLM: Config Domain = something.domain.com pdc = PDC bdc = BDC [7110] AuthenNTLM: Config Default Domain = something [7110] AuthenNTLM: Config Fallback Domain = something.domain.com [7110] AuthenNTLM: Config AuthType = NTLM,basic AuthName = machine.something.domain.com [7110] AuthenNTLM: Config Auth NTLM = 1 Auth Basic = 1 [7110] AuthenNTLM: Config NTLMAuthoritative = on BasicAuthoritative = on [7110] AuthenNTLM: Config Semaphore key = 23754 timeout = 2 [7110] AuthenNTLM: Config SplitDomainPrefix = 1 [7110] AuthenNTLM: Authorization Header NTLM TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw== [7110] AuthenNTLM: Got: 78 84 76 77 83 83 80 0 1 0 0 0 7 130 8 162 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 5 1 40 10 0 0 0 15 [7110] AuthenNTLM: protocol=NTLMSSP, type=1, flags1=7(NEGOTIATE_UNICODE,NEGOTIATE_OEM,REQUEST_TARGET), flags2=130(NEGOTIATE_ALWAYS_SIGN,NEGOTIATE_NTLM), domain length=0, domain offset=0, host length=0, host offset=0, host=, domain= [7110] handler type == 1 [7110] AuthenNTLM: Connect to pdc = PDC bdc = BDC domain = something.domain.com [7110] AuthenNTLM: timed outwhile waiting for lock (key = 23754) [7110] AuthenNTLM: leave lock [7110] AuthenNTLM: verify handle smbhandle == 137318920 [7110] AuthenNTLM: Send: 78 84 76 77 83 83 80 0 2 0 0 0 0 0 0 0 40 0 0 0 1 130 0 0 144 192 86 201 117 15 24 18 0 0 0 0 0 0 0 0 [7110] AuthenNTLM: charencoding = 1 [7110] AuthenNTLM: flags2 = 130 [7110] AuthenNTLM: nonce=<90>ÃVÃu^O^X^R [7110] AuthenNTLM: Send header: NTLM TlRMTVNTUAACAAAAAAAAACgAAAABggAAkMBWyXUPGBIAAAAAAAAAAA== [7110] AuthenNTLM: verify handle = 1 smbhandle == 137318920 Results in /var/log/apache2/error.log when trying to using FF (which works): Results in /var/log/apache2/error.log when trying to using FF (which works): [7496] AuthenNTLM: Config Domain = something.domain.com pdc = PDC bdc = BDC [7496] AuthenNTLM: Config Default Domain = something [7496] AuthenNTLM: Config Fallback Domain = something.domain.com [7496] AuthenNTLM: Config AuthType = NTLM,basic AuthName = machine.something.domain.com [7496] AuthenNTLM: Config Auth NTLM = 1 Auth Basic = 1 [7496] AuthenNTLM: Config NTLMAuthoritative = on BasicAuthoritative = on [7496] AuthenNTLM: Config Semaphore key = 23754 timeout = 2 [7496] AuthenNTLM: Config SplitDomainPrefix = 1 [7496] AuthenNTLM: Authorization Header <not given> [7496] AuthenNTLM: Start NTLM Authen handler pid = 7496, connection = 137264168 conn_http_hdr = keep-alive main = cuser = remote_ip = 10.23.85.46 remote_port = 13107 remote_host = <> version = 0.02 smbhandle = [7496] AuthenNTLM: Object exists user = \ [7496] AuthenNTLM: Authorization Header NTLM TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA= [7496] AuthenNTLM: Got: 78 84 76 77 83 83 80 0 1 0 0 0 7 130 8 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 [7496] AuthenNTLM: protocol=NTLMSSP, type=1, flags1=7(NEGOTIATE_UNICODE,NEGOTIATE_OEM,REQUEST_TARGET), flags2=130(NEGOTIATE_ALWAYS_SIGN,NEGOTIATE_NTLM), domain length=0, domain offset=0, host length=0, host offset=0, host=, domain= [7496] handler type == 1 [7496] AuthenNTLM: Connect to pdc = PDC bdc = BDC domain = something.domain.com [7496] AuthenNTLM: timed outwhile waiting for lock (key = 23754) [7496] AuthenNTLM: leave lock [7496] AuthenNTLM: verify handle smbhandle == 137320032 [7496] AuthenNTLM: Send: 78 84 76 77 83 83 80 0 2 0 0 0 0 0 0 0 40 0 0 0 1 130 0 0 87 69 85 25 250 62 74 59 0 0 0 0 0 0 0 0 [7496] AuthenNTLM: charencoding = 1 [7496] AuthenNTLM: flags2 = 130 [7496] AuthenNTLM: nonce=WEU^Yú>J; [7496] AuthenNTLM: Send header: NTLM TlRMTVNTUAACAAAAAAAAACgAAAABggAAV0VVGfo+SjsAAAAAAAAAAA== [7496] AuthenNTLM: verify handle = 1 smbhandle == 137320032 [7496] AuthenNTLM: Start NTLM Authen handler pid = 7496, connection = 137264168 conn_http_hdr = keep-alive main = cuser = remote_ip = 10.23.85.46 remote_port = 13107 remote_host = <> version = 0.02 smbhandle = [7496] AuthenNTLM: Object exists user = \ [7496] AuthenNTLM: Authorization Header NTLM TlRMTVNTUAADAAAAGAAYAHAAAAAYABgAiAAAAAYABgBAAAAAEAAQAEYAAAAaABoAVgAAAAAAAAAAAAAAAYIAAGEAbQByAGoAagBtAGUAZABlAGwAbABqAGoAbQBlAGQAZQBsAGwALQBtAG8AYgBsALJ+cg/WZZ071jJJAeecsYH00QdDTYL1NrJ+cg/WZZ071jJJAeecsYH00QdDTYL1Ng== [7496] AuthenNTLM: Got: 78 84 76 77 83 83 80 0 3 0 0 0 24 0 24 0 112 0 0 0 24 0 24 0 136 0 0 0 6 0 6 0 64 0 0 0 16 0 16 0 70 0 0 0 26 0 26 0 86 0 0 0 0 0 0 0 0 0 0 0 1 130 0 0 97 0 109 0 114 0 106 0 106 0 109 0 101 0 100 0 101 0 108 0 108 0 106 0 106 0 109 0 101 0 100 0 101 0 108 0 108 0 45 0 109 0 111 0 98 0 108 0 178 126 114 15 214 101 157 59 214 50 73 1 231 156 177 129 244 209 7 67 77 130 245 54 178 126 114 15 214 101 157 59 214 50 73 1 231 156 177 129 244 209 7 67 77 130 245 54 [7496] AuthenNTLM: protocol=NTLMSSP, type=3, user=username, host=username-mobl, domain=something, msg_len=0 [7496] handler type == 3 [7496] AuthenNTLM: verify handle = 3 smbhandle == 137320032 [7496] AuthenNTLM: Verify user username via smb server [7496] AuthenNTLM: OK pid = 7496, connection = 137264168 cuser = username ip = 10.23.85.46
