why AuthenNTLM prompt for password/user when user in domain

[prev] [thread] [next] [Date index for 2004/11/24]

From: william lai
Subject: why AuthenNTLM prompt for password/user when user in domain
Date: 02:09 on 24 Nov 2004

*Hi speeves,
   i'm trying Apache::AuthenNTLM 2.07 modules with a
NT PDC, mod_perl-1.19_12, Apache/2.0.51., After
configuration, i browsers the page that protect by AuthenNTLM and it prompt me for password/user,  however  it always said the user/passwordis wrong.
is it true that NTLM don't need to enter password/user when user login in the domain?
**and i also set keepalive= on in httpd.conf. I have
searched for a week why it prompt me for password/user, but
stil can't solve.
*
*Do you know what's wrong with my setup?
   Here is my .htaccess config:
**********************************
PerlAuthenHandler Apache::AuthenNTLM
AuthName "NTLM Test"
AuthType ntlm
PerlAddVar ntdomain "mypdc.com my-pdc"
PerlSetVar defaultdomain mrppdc.com
PerlSetVar ntlmdebug 2
PerlSetVar splitdomainprefix 1
PerlSetVar ntlmsemtimeout 2
require valid-user
****************************


Here is the log detail.  

************************************************************
[[26627] AuthenNTLM: Config Domain = mrppdc.com  pdc =
mrp-pdc  bdc =
[26627] AuthenNTLM: Config Default Domain = mrppdc.com
[26627] AuthenNTLM: Config Fallback Domain =
[26627] AuthenNTLM: Config AuthType = ntlm AuthName =
NTLM Test
[26627] AuthenNTLM: Config Auth NTLM = 1 Auth Basic =
0
[26627] AuthenNTLM: Config NTLMAuthoritative = on 
BasicAuthoritative = on
[26627] AuthenNTLM: Config Semaphore key = 23754
timeout = 2
[26627] AuthenNTLM: Config SplitDomainPrefix = 1
[26627] AuthenNTLM: Authorization Header <not given>
[Wed Nov 24 00:48:18 2004] [error] Bad/Missing
NTLM/Basic Authorization Header for /test/test.html
[26627] AuthenNTLM: Start NTLM Authen handler pid =
26627, connection = 159651528 conn_http_hdr =
Keep-Alive  main =  cuser =  remote_ip = 192.168.59.59
remote_port =  remote_host = < > version = 2.07
[26627] AuthenNTLM: Object exists user = \
[26627] AuthenNTLM: Authorization Header NTLM
TlRMTVNTUAABAAAAB4IIoAAAAAAAAAAAAAAAAAAAAAB=
[26627] AuthenNTLM: Got: 78 84 76 77 83 83 80 0 1 0 0
0 7 130 8 160 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
[26627] AuthenNTLM: protocol=NTLMSSP, type=1,
flags1=7(NEGOTIATE_UNICODE,NEGOTIATE_OEM,REQUEST_TARGET),
flags2=130(NEGOTIATE_ALWAYS_SIGN,NEGOTIATE_NTLM),
domain length=0, domain offset=0, host length=0, host
offset=0, host=, domain=
[26627] AuthenNTLM: Connect to pdc = mrp-pdc bdc = 
domain = mrppdc.com
[26627] AuthenNTLM: enter lock
[26627] AuthenNTLM: verify handle
[26627] AuthenNTLM: Send: 78 84 76 77 83 83 80 0 2 0 0
0 0 0 0 0 40 0 0 0 1 130 0 0 240 218 235 184 85 9 246
208 0 0 0 0 0 0 0 0
[26627] AuthenNTLM: charencoding = 1
[26627] AuthenNTLM: flags2 = 130
[26627] AuthenNTLM:
nonce=U
[26627] AuthenNTLM: Send header: NTLM
TlRMTVNTUAACAAAAAAAAACgAAAABggAA8NrruFUJ9tAAAAAAAAAAAA==
[26627] AuthenNTLM: Start NTLM Authen handler pid =
26627, connection = 159651528 conn_http_hdr =
Keep-Alive  main =  cuser =  remote_ip = 192.168.59.59
remote_port =  remote_host = < > version = 2.07
[26627] AuthenNTLM: Object exists user = \
[26627] AuthenNTLM: Authorization Header NTLM
TlRMTVNTUAADAAAAGAAYAHIAAAAYABgAigAAABQAFABAAAAADgAOAFQAAAAQABAAYgAAAAAAAACiAAAABYIAAG0AcgBwAHAAZABjAC4AYwBvAG0AdwBpAGwAbABpAGEAbQBVAE4ASQBGAE8AUgBDAEUAPhTzJwLTwxsz7ARKvDGplLe7aojbl5LXnRmAu7tZvXtgZvUWM9eVEz6f/oUg/E9P
[26627] AuthenNTLM: Got: 78 84 76 77 83 83 80 0 3 0 0
0 24 0 24 0 114 0 0 0 24 0 24 0 138 0 0 0 20 0 20 0 64
0 0 0 14 0 14 0 84 0 0 0 16 0 16 0 98 0 0 0 0 0 0 0
162 0 0 0 5 130 0 0 109 0 114 0 112 0 112 0 100 0 99 0
46 0 99 0 111 0 109 0 119 0 105 0 108 0 108 0 105 0 97
0 109 0 85 0 78 0 73 0 70 0 79 0 82 0 67 0 69 0 62 20
243 39 2 211 195 27 51 236 4 74 188 49 169 148 183 187
106 136 219 151 146 215 157 25 128 187 187 89 189 123
96 102 245 22 51 215 149 19 62 159 254 133 32 252 79
79
[26627] AuthenNTLM: protocol=NTLMSSP, type=3,
user=william, host=UNIFORCE, domain=mrppdc.com,
msg_len=0
[26627] handler type == 3
[26627] AuthenNTLM: Verify user william via smb server
[26627] AuthenNTLM: NTLM for william,
Y{`f3ו>
OO ,  via smb server
[26627] AuthenNTLM: leave lock

>>>>>>>>>>>>>>>>>>>>here is the
error>>>>>>>>>>>>>>>>>>>>

[Wed Nov 24 00:48:21 2004] [error] Wrong password/user
(rc=3/1/327681): mrppdc.com\\william for
/test/test.html

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

[26627] AuthenNTLM: rc = 3  ntlmhash =
Y{`f3ו>

*****************************************


thanks,
william lai*


        -- 
        Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

why AuthenNTLM prompt for password/user when user in domain
william lai 02:09 on 24 Nov 2004

Re: why AuthenNTLM prompt for password/user when user in domain
Shannon Eric Peevey 03:19 on 25 Nov 2004

Re: why AuthenNTLM prompt for password/user when user in domain
william lai 03:46 on 25 Nov 2004

Re: why AuthenNTLM prompt for password/user when user in domain
Shannon Eric Peevey 16:31 on 26 Nov 2004

Generated at 11:26 on 21 Dec 2004 by mariachi v0.52