Fastream Technologies wrote: >> Arno, >> >> You have the option to enter the NTLM domain name in msg1 of NTLM >> (base64 encoded). That's what I mean.
> Again: NTLM message 1 is sent by the the client/browser!! The job was clearly "Implement NTLM support to THttpSrv" and not "make my reverse proxy working with NTLM". --- Arno Garrels [TeamICS] http://www.overbyte.be/eng/overbyte/teamics.html > > Second, I still cannot get the FF to work. I believe this is an issue > at least some customers would complain if I deploy now, wrong? > > Regards, > > SZ > > ----- Original Message ----- > From: "Stadin, Benjamin" <[EMAIL PROTECTED]> > To: <twsocket@elists.org> > Sent: Wednesday, September 13, 2006 7:38 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Normally you won't have a reason to use another domain, the server >> appplication uses the domain of the user account it is running with. >> Make sure your application is running with the domain account you >> want to use AND sufficent privileges (needed to query the user >> database). >> >> You have to give a domain user using domain\user - if, an only if, >> the server >> you're sending this information to is in *another* domain (with >> domain trustship) than the server application is working with. >> >> So that's necessary when domains are set up to trust each other. The >> Outlook web access I'm writing this email from prompts only for user >> name and password. I use this webmailer for years and it has always >> be the same, it looks the same with every browser that supports NTLM >> auth (IE, Firefox, konqueror, countless others on Unix and Solaris). >> >> I give you an example: >> My user account is in the default domain "g" where the server is in, >> but other users from a domain (ie "d") that is trusted by domain "g" >> have to write d\myusername. The difference is that Windows will >> query the trusted domain instead to look in it's own user database. >> Only in this special case you need to specify another domain. >> >> - You will need hm... I don't remember ...years ago.. (not admin >> rights but at least "helper" privileges) to be able to query for >> other domain users than yourself. It's the credentials from the >> logged in (server) application user, if you are running with a local >> account you won't be able to query the domain controller. >> - You can *not* just give specify another domain in the user field >> if the serevrs are not set up to trust each other >> - You can also *not* authenticate users of another trusted domain, >> if you use trusted domains, without your application user having >> privileges in every of the trusted domains >> >> Benjamin Stadin >> >> >> Fastream Technologies schrieb: >>> >>> Ok, thank you for tolerating my insistence. I am trying to >>> understand. >>> >>> There is just one issue left: under IE6XP, when I log in, I am not >>> asked of any NTLM-domain name! And assuming that it is like IE-FTP >>> client, I cannot find the log in change option in any menu! Does >>> anybody know the logic behind this? I have seen the words of >>> Francois but I am opting for just the opposite--instead of auto >>> logging in, I want the _option_ to be able to select the NTLM- >>> domain. >>> >>> Best Regards, >>> >>> SZ >> >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
