Sorry about the delay, unfortunately busy with money generating work!!

Hmmmm
Not sure what to suggest here now.
Suggest tht you stop all forms of software action taking place while the
network connection is being established.
For example software update, virex update etc. If they establish connections
before you start authoxy, in theory they should die gracefully. But I'm
not so sure in this case.

Use Little Snitch (versiontracker.com) to check all outgoings.

I think it is time to asesss how your network connections are configured.
Have you disabled all (Apple) fiirewalls and web/file sharing?

Transactions are not being fed back to your own Apple for - for example -
domain name resolution that is failing... do you have a local domain name
resolver/server working? (Not normally enabled)



Actually after looking at your log again, I doubt that all of the above
is relevant!!! You seemed to have made a connection to the server
and it is not being completed in the way that we expect. Are you
using encrypted passwords on the proxy server?

Using Safari, the girls at our school have to login using the following format,

WindowsDomainName/UserName
password

Is this the format that you are using?

Cheers,
Bruce.



>     Additional sleuthing on my problem getting Authoxy to work with NTLM:
> Some NTLM docs here, mostly mystical to me:
>
><http://www.innovation.ch/java/ntlm.html>http://www.innovation.ch/java/ntlm.html
> Also
>
><http://davenport.sourceforge.net/ntlm.html>http://davenport.sourceforge.net/ntl
>m.html
>
> If I start up Authoxy and invoke Software Update (seems a convenient way
>to test quickly), here s my log:
>
> Sep  9 10:59:24 : Authoxy has started successfully
> Sep  9 10:59:30 : Ready to NTLM!
> Sep  9 10:59:30 : Entering Step 1
> Sep  9 10:59:30 : Found Connection: close. Hiding for NTLM Authentication
> Sep  9 10:59:30 : Waiting for Step 2
> Sep  9 10:59:30 : Entering Step 2
> Here s where I get the 120 second timeout. If I Stop Authoxy, Software
>Update aborts, but the log continues with the following:
> Sep  9 10:59:35 : Entering Step 3
> Sep  9 10:59:35 : Created Type 1 string of 60 characters
> Sep  9 10:59:35 : Pausing in Step 3
> Sep  9 10:59:35 : Entering Step 4
> Sep  9 10:59:35 : Content-Length: 0
> Sep  9 10:59:35 : NTLM: Target length is 4
> Sep  9 10:59:35 : NTLM: Target length 2 is 4
> Sep  9 10:59:35 : NTLM: Target offset is 56
> Sep  9 10:59:35 : NTLM Flag: Negotiate OEM
> Sep  9 10:59:35 : NTLM Flag: Request Target
> Sep  9 10:59:35 : NTLM Flag: Negotiate NTLM
> Sep  9 10:59:35 : NTLM Flag: Target Type Domain
> Sep  9 10:59:35 : NTLM Flag: Negotiate Target Info
> Sep  9 10:59:35 : NTLM Flag: UNKNOWN5
> Sep  9 10:59:35 : NTLM: Target is: MBBC
> Sep  9 10:59:35 : NTLM: Target length is 98
> Sep  9 10:59:35 : NTLM: Target length 2 is 98
> Sep  9 10:59:35 : NTLM: Target offset is 60
> Sep  9 10:59:35 : NTLM: TargetInfo is:
>^B^^H^M^B^B^C^^A^^H^I^N^E^T^^D^^P^m^b^b^c^.^e^d^u^^C^^Z^i^n^e^t^.^m^b^b^c^.^e^d^
>u^^E^^P^m^b^b^c^.^e^d^u^^^^^
> Sep  9 10:59:35 : The nonce is:  a^]´jú".
> Sep  9 10:59:35 : Finished Step 4
> Sep  9 10:59:35 : Entering Step 5
> Sep  9 10:59:35 : Got Type 3 msg of 176 characters.
> Sep  9 10:59:35 : Finished NTLM!
>
> Not sure what that means if anything. In one of the docs it says  The
>Type 2 message is sent by the server to the client in response to the
>client's Type 1 message. It serves to complete the negotiation of options
>with the client, and also provides a challenge to the client. It may
>optionally contain information about the authentication target.  Looking
>at the  TargetInfo  above, some information filled in comes from the
>server because it s not in my Authoxy prefs anywhere. That tells me there
>WAS some interaction between the server and Authoxy. But why the delay?
>
> I looked through all my error logs (by searching for  .log ) to see if
>there were any entries. The only one I can find is the entry by Software
>Update, which makes sense, because I pulled the rug out from under it:
>
>  2004-09-09 10:59:35.345 Software Update[651]
>connection:didFailWithError: bad server response
>
> So I m still no closer to tracking down that 120 second delay.
>
> Nothing I put in the Domain and Host/Workstation seems to make a
>difference, the authentication always goes through, but with a 120 second
>delay after  Entering Step 2 . Does that mean I don t have the right
>info yet? Does it mean the program s not working right? Does it mean our
>server isn t working right? Or does it mean that it doesn t matter what
>s in those two fields?
>
> --Steve
>
>
>
>
> On 9/7/04 6:05 PM, "bruce" <[EMAIL PROTECTED]> wrote:
>
>
>
>Dear Steven,
> I managed to replicate this delaying issue accidentially yesterday...
> But it was caused by a break in the network connection... i.e.
> nothing to do with with NTLM.
>
> Here is our NORMAL connection log
>
>
> Sep  7 13:49:49 : Authoxy has started successfully
> Sep  7 13:49:55 : Ready to NTLM!
> Sep  7 13:49:55 : Entering Step 1
> Sep  7 13:49:55 : Found Connection: close. Hiding for NTLM Authentication
> Sep  7 13:49:55 : Waiting for Step 2
> Sep  7 13:49:55 : Entering Step 2
> Sep  7 13:49:56 : Step 2 is complete
> Sep  7 13:49:56 : Entering Step 3
> Sep  7 13:49:56 : Created Type 1 string of 72 characters
> Sep  7 13:49:56 : Pausing in Step 3
> Sep  7 13:49:56 : Entering Step 4
> Sep  7 13:49:56 : Content-Length: 0
> Sep  7 13:49:56 : NTLM: Target length is 13
> Sep  7 13:49:56 : NTLM: Target length 2 is 13
> Sep  7 13:49:56 : NTLM: Target offset is 56
> Sep  7 13:49:56 : NTLM Flag: Negotiate OEM
> Sep  7 13:49:56 : NTLM Flag: Request Target
> Sep  7 13:49:56 : NTLM Flag: Negotiate NTLM
> Sep  7 13:49:56 : NTLM Flag: Target Type Domain
> Sep  7 13:49:56 : NTLM Flag: Negotiate Target Info
> Sep  7 13:49:56 : NTLM Flag: UNKNOWN5
> Sep  7 13:49:56 : NTLM: Target is: TOORAKCOLLEGE
> Sep  7 13:49:56 : NTLM: Target length is 180
> Sep  7 13:49:56 : NTLM: Target length 2 is 180
> Sep  7 13:49:56 : NTLM: Target offset is 69
> Sep  7 13:49:56 : NTLM: TargetInfo is:
>^B^^Z^T^O^O^R^A^K^C^O^L^L^E^G^E^^A^^R^P^R^O^X^Y^2^0^0^4^^D^0^t^o^o^r^a^k^c^o^l^l
>^e^g^e^.^v^i^c^.^e^d^u^.^a^u^^C^D^P^R^O^X^Y^2^0^0^4^.^t^o^o^r^a^k^c^o^l^l^e^g^e^
>.^v^i^c^.^e^d^u^.^a^u^^^^^
> Sep  7 13:49:56 : The nonce is: .¤ËM^G "º.
> Sep  7 13:49:56 : Finished Step 4
> Sep  7 13:49:56 : Entering Step 5
> Sep  7 13:49:56 : Got Type 3 msg of 184 characters.
> Sep  7 13:49:56 : Finished NTLM!
> Sep  7 13:49:56 : Server closed connection, killing session processes.
>
> Takes a second or 2 and on our heavily loaded network thats not bad!!!
>
>
> And here is the error log
>
> Sep  7 13:52:50 : Ready to NTLM!
> Sep  7 13:52:50 : Entering Step 1
> Sep  7 13:52:50 : Found Connection: close. Hiding for NTLM Authentication
> Sep  7 13:52:50 : Waiting for Step 2
> Sep  7 13:52:50 : Entering Step 2
> Sep  7 13:53:12 : Ready to NTLM!
> Sep  7 13:53:12 : Entering Step 1
> Sep  7 13:53:12 : Found Connection: close. Hiding for NTLM Authentication
> Sep  7 13:53:12 : Waiting for Step 2
> Sep  7 13:53:12 : Entering Step 2
> Sep  7 13:53:12 : Step 2 is complete
> Sep  7 13:53:12 : Entering Step 3
> Sep  7 13:53:12 : Created Type 1 string of 72 characters
> Sep  7 13:53:12 : Pausing in Step 3
> Sep  7 13:53:12 : Entering Step 4
> Sep  7 13:53:12 : Content-Length: 0
> Sep  7 13:53:12 : NTLM: Target length is 13
> Sep  7 13:53:12 : NTLM: Target length 2 is 13
> Sep  7 13:53:12 : NTLM: Target offset is 56
> Sep  7 13:53:12 : NTLM Flag: Negotiate OEM
> Sep  7 13:53:12 : NTLM Flag: Request Target
> Sep  7 13:53:12 : NTLM Flag: Negotiate NTLM
> Sep  7 13:53:12 : NTLM Flag: Target Type Domain
> Sep  7 13:53:12 : NTLM Flag: Negotiate Target Info
> Sep  7 13:53:12 : NTLM Flag: UNKNOWN5
> Sep  7 13:53:12 : NTLM: Target is: TOORAKCOLLEGE
> Sep  7 13:53:12 : NTLM: Target length is 180
> Sep  7 13:53:12 : NTLM: Target length 2 is 180
> Sep  7 13:53:12 : NTLM: Target offset is 69
> Sep  7 13:53:12 : NTLM: TargetInfo is:
>^B^^Z^T^O^O^R^A^K^C^O^L^L^E^G^E^^A^^R^P^R^O^X^Y^2^0^0^4^^D^0^t^o^o^r^a^k^c^o^l^l
>^e^g^e^.^v^i^c^.^e^d^u^.^a^u^^C^D^P^R^O^X^Y^2^0^0^4^.^t^o^o^r^a^k^c^o^l^l^e^g^e^
>.^v^i^c^.^e^d^u^.^a^u^^^^^
> Sep  7 13:53:12 : The nonce is: ^H`+ ÿÉðÐ.
> Sep  7 13:53:12 : Finished Step 4
> Sep  7 13:53:12 : Entering Step 5
> Sep  7 13:53:12 : Got Type 3 msg of 184 characters.
> Sep  7 13:53:12 : Finished NTLM!
> Sep  7 13:53:12 : Client closed connection, killing session processes.
>
> Took 22 seconds longer
>
> It was caused when the network connection switched from a lost wireless
> connection to another wireless connection. This may be interesting.
>
> It seems as though you are not maintaining the NETWORK connection reliably.
>
> We know that the NTLM works... eventually but it seems to work.
> Therefore that is probably NOT the problem.
>
> I wonder if the transactions are getting to the proxy server/authenticating
> in the way that you expect?
>
> Is it a highly loaded network?
> Are packets getting dropped anywhere because of load?
> Are you going through restrictive routers?
> Can you direct the transaction to your authenticating server more
>directly...
> i.e. does it have a different IP address?
>
> Note that in your log below, eveything worked perfectly within a second
> AFTER the network connection was established with the Authenicating Server
> see the blue log below.
>
> I am inclined to think that the network connection is not pointing to
> where you think it should be pointing. Check domain name IP addresses...
> If you are using a proxy server then delete DNS entries.
>
> Cheers,
> Bruce.
> PS On a wet cold and miserable Melbourne day downUnder.
>
>
>
>
>
> >     OK I changed NTLM Host/Workstation from sstratpbook (me) to
>10.2.0.2 (our proxy server), and here's my result (better but not optimum)
>accessing Software Update. Takes 2 minutes for step 2 to complete, don t
>know enough about NTLM to know why. That seems to be the exact holdup. In
>the following, the delay is marked in red.
> >  
> > Sep  7 10:32:16 : Authoxy has started successfully
> > Sep  7 10:32:27 : Ready to NTLM!
> > Sep  7 10:32:27 : Entering Step 1
> > Sep  7 10:32:27 : Entering Step 2
> > Sep  7 10:32:27 : Found Connection: close. Hiding for NTLM Authentication
> > Sep  7 10:32:27 : Waiting for Step 2
> > Sep  7 10:34:27 : Step 2 is complete
> > Sep  7 10:34:27 : Entering Step 3
> > Sep  7 10:34:27 : Created Type 1 string of 60 characters
> > Sep  7 10:34:27 : Pausing in Step 3
> > Sep  7 10:34:27 : Entering Step 4
> > Sep  7 10:34:27 : Content-Length: 0
> > Sep  7 10:34:27 : NTLM: Target length is 4
> > Sep  7 10:34:27 : NTLM: Target length 2 is 4
> > Sep  7 10:34:27 : NTLM: Target offset is 56
> > Sep  7 10:34:27 : NTLM Flag: Negotiate OEM
> > Sep  7 10:34:27 : NTLM Flag: Request Target
> > Sep  7 10:34:27 : NTLM Flag: Negotiate NTLM
> > Sep  7 10:34:27 : NTLM Flag: Target Type Domain
> > Sep  7 10:34:27 : NTLM Flag: Negotiate Target Info
> > Sep  7 10:34:27 : NTLM Flag: UNKNOWN5
> > Sep  7 10:34:27 : NTLM: Target is: MBBC
> > Sep  7 10:34:27 : NTLM: Target length is 98
> > Sep  7 10:34:27 : NTLM: Target length 2 is 98
> > Sep  7 10:34:27 : NTLM: Target offset is 60
> > Sep  7 10:34:27 : NTLM: TargetInfo is:
>^B^^H^M^B^B^C^^A^^H^I^N^E^T^^D^^P^m^b^b^c^.^e^d^u^^C^^Z^i^n^e^t^.^m^b^b^c^.^e^d^
>u^^E^^P^m^b^b^c^.^e^d^u^^^^^
> > Sep  7 10:34:27 : The nonce is: åyß ^[k6µ.
> > Sep  7 10:34:27 : Finished Step 4
> > Sep  7 10:34:27 : Entering Step 5
> > Sep  7 10:34:27 : Got Type 3 msg of 176 characters.
> > Sep  7 10:34:27 : Finished NTLM!
> >  
> > Hmmmm I did it again and it again took exactly 120 seconds to complete
>step 2... Sounds like a timeout or something is in operation here...
> >  
> > Settings: Authoxy on port 8081, points to proxy 10.2.0.2:8080, NTLM on,
>domain  mbbc  host/workstation 10.2.0.2
> > Network settings point to proxies to 127.0.0.1:8081, *.mbbc.edu is
>bypassed
> >  
> > Hmmmm again. I blanked out the NTLM host/workstation, left  mbbc  in
>the domain, and restarted Authoxy, same result.......
> >  
> > Testing.......
> >  
> > OK I KNOW I have to use NTLM, because if it s not checked, Authoxy
>doesn t work, and if it is checked, Authoxy DOES work. However, no matter
>what I put in the blanks for BOTH domain and host/workstation don t seem
>to matter, I get a 120 second timeout in step 2.
> >  
> > Testing........ I left both fields blank for NTLM, and this is what
>happened:
> >  
> > Sep  7 11:08:37 : Authoxy has started successfully
> > Sep  7 11:08:46 : Ready to NTLM!
> > Sep  7 11:08:46 : Entering Step 1
> > Sep  7 11:08:46 : Entering Step 2
> > Sep  7 11:08:46 : Found Connection: close. Hiding for NTLM Authentication
> > Sep  7 11:08:46 : Waiting for Step 2
> > Sep  7 11:10:46 : Step 2 is complete
> > Sep  7 11:10:46 : Entering Step 3
> > Sep  7 11:10:46 : Created Type 1 string of 44 characters
> > Sep  7 11:10:46 : Pausing in Step 3
> > Sep  7 11:10:46 : Entering Step 4
> > Sep  7 11:10:46 : Content-Length: 2639
> > Sep  7 11:10:46 : No authentication challenge in NTLM authentication
>Step 4. Giving up.
> >  
> > I will consult with my system administrator, or maybe someone has an
>idea. Thanks for your help. Sooooooo close.  :)
> >  
> > --Steve
> >  
> > On 9/6/04 5:07 PM, "bruce" <[EMAIL PROTECTED]> wrote:
> >  
> > > Set in the NTLM your windows domain name eg for us its "curriculum2"
> > > and in the host, its NOT you/your workstation but the IP address of
> > > your proxy server 10.2.0.1 or whatever,
> > >  
> > > Well thats what we do...
> > >  
> > > Try that.
> > >  
> > > Cheers,
> > > Bruce.
> > >  
> > >  
> > >> --> NTLM Authentication is on, set to my domain (mbbc) and my
>computer name
> > >> (sstratpbook)--I'm checking with our system admin to be sure that's
>correct
> > >>  
> > >> Note: In Authoxy control panel, the number of daemons running
>increases with
> > >> each web access, but doesn't seem to decrease back to 1 after the
>web page
> > >> finishes loading. Don't know if that's normal.
> > >>  
> > >> Any ideas? Thanks for your help--this tool has great potential for
>me to
> > >> provide a higher level of compatibility with our MS network, so I'm not
> > >> willing to give up yet!
> > >>  
> > >> --Steve
> > >  
> > >  
> >    
>
>
>
>
>
>
>
>



Reply via email to