Re: [Evolution] EWS NTLM auth not working

From: j2ev <j2ev centrum cz>
To: David Woodhouse <dwmw2 infradead org>, evolution-list gnome org
Subject: Re: [Evolution] EWS NTLM auth not working
Date: Sun, 18 Feb 2018 09:23:36 +0100

Hello David,

in my understanding, the process with libsoup and ntlm_auth when using NTLM auth is:

- libsoup checks if ntlm_auth binary is present in the system

- if ntlm_auth is present, it is called with parameters "--helper-protocol ntlmssp-client-1 --use-cached-creds --username (--domain)"

- if cached credentials are not available, SSO fails, libsoup computes
the NTLM responses itself

Kerberos auth works fine, but the problem is that tickets expire and
when I am not at work, I have to connect to VPN to renew them.

Anyway, I made some more progress also. I tried to make na
implementation of NTLMv2 in libsoup and was able to successfully
authenticate against our "Send NTLMv2 response only. Refuse LM & NTLM" enabled
server (domain). So it seems I was right, that libsoup actually does
not support NTLMv2, just NTLM2 Session Response.

Follow-Ups:
- Re: [Evolution] EWS NTLM auth not working
  - From: Milan Crha

References:
- Re: [Evolution] EWS NTLM auth not working
  - From: j2ev
- Re: [Evolution] EWS NTLM auth not working
  - From: David Woodhouse

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]