When mod_ntlm_winbind is configured to support NTLM/Negotiate authentication, when trying to authenticate with Internet Explorer 6 (v6.0.2900.2180.xpsp_sp2_rtm.040803-2158), it generates the following error in logs/error_log: [2004/12/06 09:05:28, 1] utils/ntlm_auth.c:manage_gss_spnego_request(856) [Mon Dec 6 09:05:28 2004] [error] [client 192.168.100.105] failed to parse response from helper This is both when logged into and logged out of the Active Directory.
Andrew, any idea what to do with this one?
I think the issue is that ntlm_auth is pushing some of the debug to STDOUT, not STDERR, so it ends up in the parse stream.
OK, so the issue is simply that the Samba3 gss-spengo is very poor, and only works in very particular situations. (the debug stream suff was a red herring) Samba4 has a much more robust implementation of this, and this is where my development effort is. (The intention is to make Samba4's ntlm_auth able to sanely hook into the rest of Samba3).