Re: why AuthenNTLM prompt for password/user when user in domain

[prev] [thread] [next] [Date index for 2004/11/25]

Hi,
Thanks for your reply.
then user/password will promt user/password for the first time accessing 
the page even though user logined, am i right? Do i need a samba server 
in apache which use the AuthenNTLM.  And how do i know the the 
user/usernthash is right between the apache and PDC? Since my problem is 
whatever i enter in the user/password prompt, it  always says wrong 
password(rc=3).

thanks,

william


Shannon Eric Peevey wrote:

> william lai wrote:
>
>> *Hi speeves,
>>   i'm trying Apache::AuthenNTLM 2.07 modules with a
>> NT PDC, mod_perl-1.19_12, Apache/2.0.51., After
>
>
> Hi!
>
> Just a note, the newest version of mod_perl is 1.99_17, and Apache 
> 2.0.51 had a security hole that is fixed in 2.0.52.  (Though I have 
> been seeing a mention of a new vulnerability in 2.0.52 on bugtraq, 
> though haven't seen it confirmed yet).
>
>> configuration, i browsers the page that protect by AuthenNTLM and it 
>> prompt me for password/user,  however  it always said the 
>> user/passwordis wrong.
>> is it true that NTLM don't need to enter password/user when user 
>> login in the domain?
>> **and i also set keepalive= on in httpd.conf. I have
>> searched for a week why it prompt me for password/user, but
>> stil can't solve.
>> *
>
>
> If I am understanding this correctly, AuthenNTLM doesn't check for 
> existing credentials from IE.  It simply checks a local cache to see 
> if the user already has a session, then throws a 401 Unauthorized if a 
> cached session is not found.
> thanks,
>


        -- 
        Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html