[squid-users] Squid NTLM Auth Failing on Long Passwords
I appear to have run into an issue with Squid failing to authenticate users with long passwords. I have had a few users that always get a username/password prompt box which re-appears even if the correct info is entered. The AD server logs each of the attempts as a bad password. Squid appears to log it as Empty LM password supplied for user ... No-Auth. (Only verified for some users) The only thing I can find in common between these users would be password that are over 14 characters in length. Is this a possible source of the errors/constant password prompt? From doing some reading it appears that the LanMan hash value becomes NULL after 14 chars are inputed as a password. I'm at a loss for a solution short of telling my users that they need to use shorter passwords. Any thoughts are appreciated. Thanks, Andrew
Re: [squid-users] Squid NTLM Auth Failing on Long Passwords
Hi, Il 17:38 15/04/2008 [EMAIL PROTECTED] ha scritto: I appear to have run into an issue with Squid failing to authenticate users with long passwords. I have had a few users that always get a username/password prompt box which re-appears even if the correct info is entered. The AD server logs each of the attempts as a bad password. Squid appears to log it as Empty LM password supplied for user ... No-Auth. (Only verified for some users) The only thing I can find in common between these users would be password that are over 14 characters in length. Is this a possible source of the errors/constant password prompt? From doing some reading it appears that the LanMan hash value becomes NULL after 14 chars are inputed as a password. I'm at a loss for a solution short of telling my users that they need to use shorter passwords. Any thoughts are appreciated. Thanks, What NTLM helper ? LM based helpers like ntlm_auth provided with Squid are limited to 14 characters password. This is a LM protocol limit. Regards Guido - Guido Serassio Acme Consulting S.r.l. - Microsoft Certified Partner Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY Tel. : +39.011.9530135 Fax. : +39.011.9781115 Email: [EMAIL PROTECTED] WWW: http://www.acmeconsulting.it/
Re: [squid-users] Squid NTLM Auth Failing on Long Passwords
tis 2008-04-15 klockan 11:38 -0400 skrev [EMAIL PROTECTED]: appears to log it as Empty LM password supplied for user ... Which ntlm helper are you using? The ntlm_auth helper from Samba is recommended. Avoid the helpers shipped with Squid, those are not very good and only supports now obsolete LM hashes... Regards Henrik
