Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#857326: AH01796: AuthType NTLM configured without corresponding module
244 views
Skip to first unread message
Hamish Moffatt
Mar 9, 2017, 11:30:03 PM3/9/17
to
Package: libapache2-mod-auth-ntlm-winbind
Version: 0.0.0.lorikeet+svn+801-4
Severity: important
I've configured this module according to the README instructions, but it doesn't work - any
attempt to authenticate results in the following in the Apache log:
[Fri Mar 10 14:49:34.047665 2017] [authn_core:error] [pid 15805] [client 192.168.42.2:40411] AH01796: AuthType NTLM configured without corresponding module
I have put the following in a <VirtualHost>.
<Proxy "*">
AuthName "NTLM Authentication thingy"
NTLMAuth on
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
NTLMBasicAuthoritative on
AuthType NTLM
require valid-user
</Proxy>
I have marked this important as the package would seem to be unusable.
Hamish
-- System Information:
Debian Release: 8.7
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 3.16.0-4-686-pae (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages libapache2-mod-auth-ntlm-winbind depends on:
ii apache2-bin [apache2-api-20120211] 2.4.10-10+deb8u8
ii libc6 2.19-18+deb8u7
ii winbind 2:4.2.14+dfsg-0+deb8u2
libapache2-mod-auth-ntlm-winbind recommends no packages.
libapache2-mod-auth-ntlm-winbind suggests no packages.
-- no debconf information
Version: 0.0.0.lorikeet+svn+801-4
Severity: important
I've configured this module according to the README instructions, but it doesn't work - any
attempt to authenticate results in the following in the Apache log:
[Fri Mar 10 14:49:34.047665 2017] [authn_core:error] [pid 15805] [client 192.168.42.2:40411] AH01796: AuthType NTLM configured without corresponding module
I have put the following in a <VirtualHost>.
<Proxy "*">
AuthName "NTLM Authentication thingy"
NTLMAuth on
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
NTLMBasicAuthoritative on
AuthType NTLM
require valid-user
</Proxy>
I have marked this important as the package would seem to be unusable.
Hamish
-- System Information:
Debian Release: 8.7
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 3.16.0-4-686-pae (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages libapache2-mod-auth-ntlm-winbind depends on:
ii apache2-bin [apache2-api-20120211] 2.4.10-10+deb8u8
ii libc6 2.19-18+deb8u7
ii winbind 2:4.2.14+dfsg-0+deb8u2
libapache2-mod-auth-ntlm-winbind recommends no packages.
libapache2-mod-auth-ntlm-winbind suggests no packages.
-- no debconf information
Olly Betts
Mar 10, 2017, 4:40:03 PM3/10/17
to
On Fri, Mar 10, 2017 at 02:59:10PM +1100, Hamish Moffatt wrote:
> I've configured this module according to the README instructions, but it doesn't work - any
> attempt to authenticate results in the following in the Apache log:
>
> [Fri Mar 10 14:49:34.047665 2017] [authn_core:error] [pid 15805] [client 192.168.42.2:40411] AH01796: AuthType NTLM configured without corresponding module
>
> I have put the following in a <VirtualHost>.
>
> <Proxy "*">
> AuthName "NTLM Authentication thingy"
>
> NTLMAuth on
> NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
> NTLMBasicAuthoritative on
> AuthType NTLM
> require valid-user
>
> </Proxy>
>
>
> I have marked this important as the package would seem to be unusable.
Did you enable the module as well as installing the package?
> I've configured this module according to the README instructions, but it doesn't work - any
> attempt to authenticate results in the following in the Apache log:
>
> [Fri Mar 10 14:49:34.047665 2017] [authn_core:error] [pid 15805] [client 192.168.42.2:40411] AH01796: AuthType NTLM configured without corresponding module
>
> I have put the following in a <VirtualHost>.
>
> <Proxy "*">
> AuthName "NTLM Authentication thingy"
>
> NTLMAuth on
> NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
> NTLMBasicAuthoritative on
> AuthType NTLM
> require valid-user
>
> </Proxy>
>
>
> I have marked this important as the package would seem to be unusable.
sudo a2enmod auth_ntlm_winbind
Once I do that, the verbatim first example in README (i.e. using
<Directory> rather than <Proxy>) seems to work for me. At least I don't
get the error above and a login box pops up in the broswer - I don't have
anything actually set up to auth against (which is why I've orphaned the
package).
Cheers,
Olly
Hamish Moffatt
Mar 13, 2017, 10:00:02 PM3/13/17
to
$ ls /etc/apache2/mods-enabled
access_compat.load authn_core.load authz_user.load deflate.load filter.load mpm_prefork.conf proxy_http.load setenvif.load userdir.conf
actions.conf authn_file.load autoindex.conf dir.conf headers.load mpm_prefork.load proxy.load socache_shmcb.load userdir.load
actions.load auth_ntlm_winbind.load autoindex.load dir.load include.load negotiation.conf reqtimeout.conf ssl.conf wsgi.conf
alias.conf authz_core.load cgi.load env.load macro.load negotiation.load reqtimeout.load ssl.load wsgi.load
alias.load authz_groupfile.load dav.load fastcgi.conf mime.conf proxy.conf rewrite.load status.conf
auth_basic.load authz_host.load deflate.conf fastcgi.load mime.load proxy_connect.load setenvif.conf status.load
I tried it on a <Directory> and got the same thing.
DocumentRoot /srv/web/testproxy
<Directory /srv/web/testproxy>
Options FollowSymLinks
AllowOverride None
NTLMAuth on
NTLMAuthHelper "/usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp"
NTLMBasicAuthoritative on
AuthType NTLM
require valid-user
[Tue Mar 14 12:07:55.169134 2017] [authn_core:error] [pid 32017] [client
192.168.42.2:45912] AH01796: AuthType NTLM configured without
corresponding module
Hamish
Hamish Moffatt
Mar 14, 2017, 1:00:02 AM3/14/17
to
Ah, sorry it does work. I was testing with Basic authentication, which
isn't enabled by default. When you try with NTLM it does work, at least
when I put the config in a Directory or Location section.
For basic auth to work as well you can configure it as:
<Location />
--helper-protocol=squid-2.5-basic"
NTLMBasicAuthoritative on
NTLMBasicAuth on
AuthType NTLM
require valid-user
</Location>
It works in a <Proxy> too for basic authentication, although NTLM from
Edge doesn't seem good. Proxy from Firefox and some other apps I tried
seems ok though.
You can close this bug.
thanks
Hamish
isn't enabled by default. When you try with NTLM it does work, at least
when I put the config in a Directory or Location section.
For basic auth to work as well you can configure it as:
<Location />
NTLMAuth on
NTLMAuthHelper "/usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp"
PlainTextAuthHelper "/usr/bin/ntlm_auth
NTLMAuthHelper "/usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp"
--helper-protocol=squid-2.5-basic"
NTLMBasicAuthoritative on
NTLMBasicAuth on
AuthType NTLM
require valid-user
</Location>
It works in a <Proxy> too for basic authentication, although NTLM from
Edge doesn't seem good. Proxy from Firefox and some other apps I tried
seems ok though.
You can close this bug.
thanks
Hamish
0 new messages