Adding Linux Client to NT Domain

Adding Linux Client to NT Domain

Post by Steve D. Perkin » Thu, 22 Apr 1999 04:00:00



    Since we've been slow up at the office this past week <smile>...
I've been putting together a spare machine out of used parts to put
Linux on.  My office has a Microsoft network with one NT server... which
acts as the firewall (using MS Proxy Server) between our LAN and the
Internet.

    Anyway... Linux install was no problem, and I can ping the NT
server.  My main purpose for wanting to do this is to learn how to use
Samba... I've played around to the point where I can see the server's
browse list (I'll learn how to actually use and share resources
tommorrow).

    However... I have yet to figure out how to configure Netscape (or
KDE's browser, for that matter) to get past the MS Proxy Server firewall
to browse the internet.  I have gone into Netscape's proxy settings and
put the server's IP address in for HTTP proxy, as well as SOCKS proxy
(I'm still a little fuzzy on what that one is, but I know that the
firewall supports it).  Now when I try to browse somewhere a login and
password box pop up... but nothing I've tried works (I tried several
username and password combinations for accounts on the NT server).
Authentication keeps failing.

    Am I correct in assuming that this authentication in question is
referring to having an acount on the NT machine, or perhaps something
else entirely?  I was just hoping that someone out there reading this
has configured something similar before...

Steve

 
 
 

Adding Linux Client to NT Domain

Post by Hans Wolte » Fri, 23 Apr 1999 04:00:00



 and wrote the following ....

........

Quote:>    Am I correct in assuming that this authentication in question is
>referring to having an acount on the NT machine, or perhaps something
>else entirely?  I was just hoping that someone out there reading this
>has configured something similar before...

>Steve

Hi Steve,

I havn't done it with NT but since I've got samba working only 2 days ago I
remember seeing some parameters which should be enabled to authenticate on a
NT box. Check out the smb.conf. It's in the part where you can enable the
smbpassw file.

Hope it helps.

Hans

--
        Java Search Engine Front End
    http://home.gelrevision.nl/~h.wolter/
     Linux Links/CMI8330 Soundpro HOWTO
http://home.gelrevision.nl/~h.wolter/linux.htm

 
 
 

Adding Linux Client to NT Domain

Post by Tony Smol » Fri, 23 Apr 1999 04:00:00



Quote:>    However... I have yet to figure out how to configure Netscape (or
>KDE's browser, for that matter) to get past the MS Proxy Server firewall
>to browse the internet.  I have gone into Netscape's proxy settings and
>put the server's IP address in for HTTP proxy, as well as SOCKS proxy
>(I'm still a little fuzzy on what that one is, but I know that the
>firewall supports it).

Don't use both Socks & Proxy, try one or the other and see if you can get
either to work.

Where I work, we have an MS Proxy too, but I have no problems using it with
Netscape or KDE.  I set both the http and ftp proxy settings to port 80
(even FTP) on the MSProxy address.

Now when I try to browse somewhere a login and

Quote:>password box pop up... but nothing I've tried works (I tried several
>username and password combinations for accounts on the NT server).
>Authentication keeps failing.

>    Am I correct in assuming that this authentication in question is
>referring to having an acount on the NT machine, or perhaps something
>else entirely?  I was just hoping that someone out there reading this
>has configured something similar before...

I don't think NT accounts are tied into the use of MS proxy.

Here's something you can try:

Do you have a Windows machine that can use the MSproxy?

If so, shut it down, and try setting the Linux boxes IP address to that of
your Windows machine, and see if it still asks for authentication.  You can
change the IP on Linux on the fly with the "ifconfig" command.

Tony

--

Tony Smolar

------------------------------------------------------------------------------

http://www.ultranet.com/~asmolar           homepage

 
 
 

Adding Linux Client to NT Domain

Post by Thomas B. Quillin » Fri, 23 Apr 1999 04:00:00



<CHOMP - Gulp>
: username and password combinations for accounts on the NT server).
: Authentication keeps failing.

:     Am I correct in assuming that this authentication in question is
: referring to having an acount on the NT machine, or perhaps something
: else entirely?  I was just hoping that someone out there reading this
: has configured something similar before...

: Steve

Steve,
Couple of things that it could be :
Most likely its because you've got NT 4 server with sp 3 or higher. This
enables encrypted passwords by default. To fix this problem, you have a couple of
choices....
        a) Fix (grin) NT (as in with a dog) by disabling encrypted p/w's There
           is info how to do that in the security howto that comes with samba
        b) Encrypt the smb passwords by creating a smbpasswd file. This is not
           easy first time if you are using samba 1.19... personal advice...
           upgrade to samba 2.0. This gives you a VERY nice html view of the
           smb.conf file and everything is much easier.... look at samba's
           website for downloading (www.samba.org) and also info to do the
           encryption thinghy by hand is in the howto, It took me about a week
           of fiddling with that to get everything working but with 2.0 I got
           everything up and running from scratch in about 20 mins

IMHO b is best because it also allows encryption for samba and that's cool...

Hope this helps. If you're having probs, I can email you my conf file with all the
correct stuff configed for an NT network....

g'luck
tom
--
Thomas B. Quillinan   " Faced with the prospect of rereading this book, I would


 
 
 

Adding Linux Client to NT Domain

Post by Glenn Gerrar » Fri, 23 Apr 1999 04:00:00


Steve,

Samba is not your problem with Proxy server!  I was in a similar situation
not long ago.  Create a user account on the PDC that matches the username
and password on the linux machine - so if you log onto the linuxbox and
steve with password steve create the same thing on the PDC and make sure
that this user has Web proxy access (If you have SP3 or higher installed and
everyone in your office is allowed on the internet use "All Authenticated
Users" for web and windsock access control.  Go to the MMC on the NT box and
make sure that the default web server's IP address is set to "all
unassigned".  Then go to the SOCKS proxy and open ports EQ to 25 (smtp),
119(news), 110(POP), 23(telnet), 21(ftp) and what ever else you need.
Then go to the linux box, login as whoever you are to the NT box and set
your preferences to point to the internal NIC of the proxy server (I use the
IP address but you can use the name if you have set it in the hosts file
(see the linuxconf "dialog box") and port 80 for everything except SOCKS
which will stay at 1080.  You should now have web surfing ability - NT gets
passed the user name and password from the linux machine which it checks
against it's rock solid security model :) and gives you access.
Obviously I am assuming that you have set the PDC as your default gateway /
router and that you can successfully ping the internal card of the proxy
server - if you can ping the external card TURN OFF IP ROUTING!!!

Hope this helps,
Glenn Gerrard


>    Since we've been slow up at the office this past week <smile>...
>I've been putting together a spare machine out of used parts to put
>Linux on.  My office has a Microsoft network with one NT server... which
>acts as the firewall (using MS Proxy Server) between our LAN and the
>Internet.

>    Anyway... Linux install was no problem, and I can ping the NT
>server.  My main purpose for wanting to do this is to learn how to use
>Samba... I've played around to the point where I can see the server's
>browse list (I'll learn how to actually use and share resources
>tommorrow).

>    However... I have yet to figure out how to configure Netscape (or
>KDE's browser, for that matter) to get past the MS Proxy Server firewall
>to browse the internet.  I have gone into Netscape's proxy settings and
>put the server's IP address in for HTTP proxy, as well as SOCKS proxy
>(I'm still a little fuzzy on what that one is, but I know that the
>firewall supports it).  Now when I try to browse somewhere a login and
>password box pop up... but nothing I've tried works (I tried several
>username and password combinations for accounts on the NT server).
>Authentication keeps failing.

>    Am I correct in assuming that this authentication in question is
>referring to having an acount on the NT machine, or perhaps something
>else entirely?  I was just hoping that someone out there reading this
>has configured something similar before...

>Steve

 
 
 

1. Adding linux NIS clients to Solaris NIS+ domain

Does anyone have experience adding linux NIS clients to a Solaris NIS+
server running in NIS compatability mode? I'd like to pitch the idea to
my boss in order to replace/supplement Xterminals with cheap linux
workstations. All my administration experience has been with NIS+. Is it
a configuration headace, security problem, or impossible?
Thanks ahead,
Keen Young

2. apache and /~user: forbidden

3. Adding Linux Server to NT Domain

4. C++ sockets on unix, problems with broken pipe

5. Windows client can't see NT domain when passing through a Linux PPP server

6. canon bjc 6000 + suse6.3

7. Linux Client Login to NT Domain

8. libXext.so.6

9. Linux Client login to NT domain

10. Migrate Win98 client to Linux and keep NT Domain logon?

11. linux as a client on Windows NT domain?

12. NT Domain authentication from Linux 6 ws clients

13. pptp - obsd2.9 to nt domain, come in nt domain, over