Re: [squid-users] Squid NTLM Auth Failing on Long Passwords

From: Guido Serassio <[email protected]>
Date: Tue, 15 Apr 2008 19:24:54 +0200

Hi,

Il 17:38 15/04/2008 andrew.lathrop@hcstarck.com ha scritto:
>I appear to have run into an issue with Squid failing to authenticate
>users with long passwords. I have had a few users that always get a
>username/password prompt box which re-appears even if the correct info is
>entered. The AD server logs each of the attempts as a bad password. Squid
>
>appears to log it as "Empty LM password supplied for user .......
>No-Auth". (Only verified for some users) The only thing I can find in
>common between these users would be password that are over 14 characters
>in length. Is this a possible source of the errors/constant password
>prompt? From doing some reading it appears that the LanMan hash value
>becomes NULL after 14 chars are inputed as a password. I'm at a loss for
>a solution short of telling my users that they need to use shorter
>passwords. Any thoughts are appreciated. Thanks,

What NTLM helper ?

LM based helpers like ntlm_auth provided with Squid are limited to 14
characters password.
This is a LM protocol limit.

Regards

Guido

-
========================================================
Guido Serassio
Acme Consulting S.r.l. - Microsoft Certified Partner
Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY
Tel. : +39.011.9530135 Fax. : +39.011.9781115
Email: guido.serassio@acmeconsulting.it
WWW: http://www.acmeconsulting.it/
Received on Tue Apr 22 2008 - 14:07:12 MDT

This archive was generated by hypermail 2.2.0 : Thu May 01 2008 - 12:00:04 MDT