Skip to content

Windows 7 samba and squid authentication issue

wordpress meta

title: 'Windows 7 Samba and Squid Authentication Issue'
date: '2012-11-06T00:49:21-06:00'
status: publish
permalink: /windows-7-samba-and-squid-authentication-issue
author: admin
excerpt: ''
type: post
id: 10
category:
    - LDAP
tag: []
post_format: []

With advances in Samba authentication, the squid proxy can use Active Directory authentication.

In addition MS Internet Explorer can use the “Integrated Security” feature which means no password box popping up when accessing the Internet. In my case Windows 7 authentication was not working through a squid proxy. Meaning samba authentication was not working.

Below it the fix for Windows 7 clients.

Root cause as shown in /var/log/samba/log.wb-YOUR_DOMAIN:

[2009/05/29 10:18:11, 0] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1763)
winbindd_pam_auth_crap: invalid password length 24/300

Fix on Windows 7 client:

  1. Control Panel > System and Security > Administrative Tools
  2. Open, Local Security Policy Computer Management
  3. Local Policies > Security Options > Network Security: LAN Manager Authentication level Properties
  4. Set to "Send LM & NTLM - use NTLMv2 session security if negotiated
    *** Might be set to Not Defined at first