On Tue, 2018-02-06 at 22:06 +0100, j...@centrum.cz wrote: > Hello, > > I spent a little more time investigating the issue. I took a look in > to the source code of libsoup and I think it calls winbind's > ntlm_auth binary without password with the --use-cached-creds option > only. And if that does not work, it makes some own computations. I am > no programmer, so I might be wrong. Nevertheless, I tried to join the > domain and login with pam_winbind to be able to use the cached > credentials. I tried to call ntlm_auth manually and it worked and so > did login in Evolution. I think that libsoup itself might not > actually support NTLMv2, maybe just NTLM2, or the implementation is > broken. Anyway, I post it for information. If there would be anyone > willing to take a look on this, I would appreciate. Using Thunderbird > with EWS plugin for calendars is rather difficult.
Can you clarify please? If you use ntlm_auth for single-sign-on, it works? If you use Kerberos (which you should), it works? The only case that doesn't work is when you *don't* use ntlm_auth (because you've moved it out of the way or because winbindd does have creds), and libsoup attempts to do the authentication for itself using a password that you provide manually? I'd like to see the NTLM exchanges in both working and failing cases, please.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
