On Tue, Jul 15, 2003 at 05:11:55PM +0200, Kinkie wrote: > A problem with squid's winbind-NTLM has been caught: it is > possible to limit via security policies the workstations an user can log on > to. Squid doesn't pass to winbind the workstation name (which is passed > along in the "request" or "phase 1" NTLM dialogue) and thus such configured > sites will fail their NTLM authentication with an error of "invalid > workstation". > > This message is meant to be for knowledge-sharing only, and food for > thought towards implementing proper NTLMv2 support.
I will remind you that: - Clients get to choose their own workstatation-name - Samba 3.0's ntlm_auth passes this on correctly. I'm still waiting on the support for getting the negotiate packet, but this all seems to work farily well anyway... Andrew Bartlett
