Re: [Samba] Using ntlm_auth to get NTLMv2 Session support from an application
- Date: Wed, 19 Apr 2017 10:08:53 -0700
- From: Jeremy Allison via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Using ntlm_auth to get NTLMv2 Session support from an application
On Wed, Apr 19, 2017 at 11:03:34AM -0400, pisymbol . via samba wrote:
> As many of you already probably know, the neon library is the workhorse for
> davfs support.
> However, right now, the current version of libneon has very limited support
> for NTLM, particularly NTLMv2, both on the challenge/authentication side as
> well as handling NTLMv2 Session Security.
> There is a patch somewhere to add NTLMv2 authentication support natively
> but there is zero support for NTLMv2 session security. What this means is
> that if you try to mount a share using davfs and the server in question
> requires 128-bit session security, libneon fails to negotiate and the mount
> fails. I have at least one enterprise customer who relies on NTLMv2
> exclusively (despite the fact the world has moved on to HTTPS).
> Is there a way to hook up the "ntlm_auth" utility to do the heavy lifting
> of authenticating/creating NTLMv2 sessions in order to mount using davfs?
> I realize I maybe barking up the wrong tree, but I am trying to come up
> with a way to leverage Samba's already robust support for Windows
> authentication without having to duplicate the effort within libneon and
> friends (I am not the maintainer but I do have an urgent desire to mount
> Sharepoint shares using davfs via NTLMv2 session security).
> Any insight, feedback into this issue would be much appreciated.
The squid program does this. Maybe look into the code they
use for their integration ?
To unsubscribe from this list go to the following URL and read the