Return-Path: Delivered-To: apmail-perl-modperl-archive@www.apache.org Received: (qmail 71319 invoked from network); 26 Mar 2007 13:58:17 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 26 Mar 2007 13:58:17 -0000 Received: (qmail 77682 invoked by uid 500); 26 Mar 2007 13:58:16 -0000 Delivered-To: apmail-perl-modperl-archive@perl.apache.org Received: (qmail 77663 invoked by uid 500); 26 Mar 2007 13:58:16 -0000 Mailing-List: contact modperl-help@perl.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list modperl@perl.apache.org Received: (qmail 77649 invoked by uid 99); 26 Mar 2007 13:58:16 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 26 Mar 2007 06:58:16 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (herse.apache.org: domain of bamapookie@gmail.com designates 64.233.162.235 as permitted sender) Received: from [64.233.162.235] (HELO nz-out-0506.google.com) (64.233.162.235) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 26 Mar 2007 06:58:06 -0700 Received: by nz-out-0506.google.com with SMTP id x3so1370382nzd for ; Mon, 26 Mar 2007 06:57:45 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=NG2dSqIM97Pfcyk1ykrxHabVIW4OgMlVuNswp1lMm0u6uPjOPFTAJoKoK6YXEaPt7dLOidBg3t0Dhjyg4Wzgdxc72WIPvB3RmcpIVdqovl01wzQaEZiav/bWs3n5wcEqbQ9lljCLMcFmRr8qQgRFLyztpXfb6NTvpBaYcsJJwJs= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=BwYp/eB/omddlMfflz0Oox6a+5xcJTu5yi9G3G7g8KRc0mESmUaNbuGzCdp72w9fsc8Cvo+6uPmNryWllsYx0d2CnhX+kRfy5vq4LSbvGhtki9ggh+27YCdkGFZWW2xfUB6kiYkwMC+D7Sv+nelt1mLXXDph//vbGFyRWbdypfU= Received: by 10.114.201.1 with SMTP id y1mr2642127waf.1174917464251; Mon, 26 Mar 2007 06:57:44 -0700 (PDT) Received: by 10.115.109.12 with HTTP; Mon, 26 Mar 2007 06:57:44 -0700 (PDT) Message-ID: Date: Mon, 26 Mar 2007 09:57:44 -0400 From: "Shawn Kovalchick" To: modperl@perl.apache.org Subject: Re: Apache2::AuthenNTLM (0.02) can't connect to server In-Reply-To: <1174801204.19381.2.camel@aaron-laptop> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <1174801204.19381.2.camel@aaron-laptop> X-Virus-Checked: Checked by ClamAV on apache.org I did. I was able to look it up using the short name, and the FQDN. Anyway, I had to go with another solution (mod_auth_kerb) On 3/25/07, Aaron Browne wrote: > I am pretty sure the NONCE error occurs when the domain controller names > cannot be resolved. Did you try nslookup etc? > > On Tue, 2007-03-20 at 13:44 -0400, Shawn Kovalchick wrote: > > I'm trying to set up AuthenNTLM, but can't get connected to my domain > > controller. I've tried adding "domain company.com" and "search > > company.com" to /etc/resolv.conf. I've tried adding > > controler1.company.com to the /etc/hosts file. > > > > What am I doing wrong? Does Samba need to be set up? Does the server > > need to be a member of the domain? > > > > Below is my configuration: > > > > > > PerlAuthenHandler Apache2::AuthenNTLM > > AuthType ntlm,basic > > Require valid-user > > AuthName "xxx" > > > > PerlAddVar ntdomain "DOMAIN controller1 controller2" > > PerlSetVar defaultdomain DOMAIN > > PerlSetVar splitdomainprefix 1 > > PerlSetVar ntlmdebug 3 > > AllowOverride None > > Order allow,deny > > Allow from all > > > > > > And below is the debug from apache: > > > > [2966] AuthenNTLM: Config Domain = domain pdc = controller1 bdc = controller2 > > [2966] AuthenNTLM: Config Default Domain = DOMAIN > > [2966] AuthenNTLM: Config Fallback Domain = > > [2966] AuthenNTLM: Config AuthType = ntlm,basic AuthName = xxx > > [2966] AuthenNTLM: Config Auth NTLM = 1 Auth Basic = 1 > > [2966] AuthenNTLM: Config NTLMAuthoritative = on BasicAuthoritative = on > > [2966] AuthenNTLM: Config Semaphore key = 23754 timeout = 2 > > [2966] AuthenNTLM: Config SplitDomainPrefix = 1 > > [2966] AuthenNTLM: Authorization Header > > [Tue Mar 20 13:27:57 2007] [error] Bad/Missing NTLM/Basic > > Authorization Header for /nagios > > [2966] AuthenNTLM: Start NTLM Authen handler pid = 2966, connection = > > 168464048 conn_http_hdr = keep-alive main = cuser = remote_ip = > > 10.111.40.195 remote_port = 13106 remote_host = <> version = 0.02 > > smbhandle = > > [2966] AuthenNTLM: Object exists user = \ > > [2966] AuthenNTLM: Authorization Header NTLM > > TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA= > > [2966] AuthenNTLM: Got: 78 84 76 77 83 83 80 0 1 0 0 0 7 130 8 0 0 0 0 > > 0 0 0 0 0 0 0 0 0 0 0 0 0 > > [2966] AuthenNTLM: protocol=NTLMSSP, type=1, > > flags1=7(NEGOTIATE_UNICODE,NEGOTIATE_OEM,REQUEST_TARGET), > > flags2=130(NEGOTIATE_ALWAYS_SIGN,NEGOTIATE_NTLM), domain length=0, > > domain offset=0, host length=0, host offset=0, host=, domain= > > [2966] handler type == 1 > > [2966] AuthenNTLM: Connect to pdc = controller1 bdc = controller2 > > domain = domain > > [2966] AuthenNTLM: enter lock > > [2966] AuthenNTLM: verify handle smbhandle == 0 > > [Tue Mar 20 13:27:57 2007] [error] Connect to SMB Server failed (pdc = > > controller1 bdc = controller2 domain = domain error = -11/0) for > > /nagios > > [2966] AuthenNTLM: leave lock > > [Tue Mar 20 13:27:57 2007] [error] Cannot get nonce > >