I know that this is an old topic, but I've seen contradictory answers in different places. Some topics say that SSSD has no support for NTLM due to its inherently unsecure nature, and will never have. But others such as this topic(https://bugzilla.redhat.com/show_bug.cgi?id=963341) seem to state that it could be possible through gssntlmssp package. The reason for my question is that I'm trying to use Samba with SSSD, and its authentication fail when the windows client falls back from kerberos to NTLMv2 for any reason: [2018/10/10 20:43:32.382948, 2] ../source3/auth/auth.c:332(auth_check_ntlm_password) check_ntlm_password: Authentication for user [myusername] -> [myusername] FAILED with error NT_STATUS_NO_LOGON_SERVERS, authoritative=1[2018/10/10 20:43:32.382989, 2] ../auth/auth_log.c:760(log_authentication_event_human_readable) Auth: [SMB2,(null)] user [MYDOMAIN]\[myusername] at [Wed, 10 Oct 2018 20:43:32.382980 -03] with [NTLMv2] status [NT_STATUS_NO_LOGON_SERVERS] workstation [NTB005] remote host [ipv4:192.168.1.1:1914] mapped to [MYDOMAIN]\[myusername]. local host [ipv4:10.1.1.1:445]
Is there anything I can do to make SSSD able to deal with NTLMv2/NTLMSSP?
_______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org
