Fastream Technologies wrote: > Latest report: when I used the Administrator account of Windows, it > worked! :) So I am beginning to think this is a problem with security > policies of some Windows.
Yesterday I tested on a out-of-the-box, new XP SP2 installation, since this box had a hd crash :( Yes, there are policies dealing with NTLM, maybe you tweaked them? Anyway provide us a Ethereal logfile. Ethereal does a great job parsing the various NTLM messages! --- Arno Garrels [TeamICS] http://www.overbyte.be/eng/overbyte/teamics.html > Regards, > > SZ > > ----- Original Message ----- > From: "Fastream Technologies" <[EMAIL PROTECTED]> > To: "ICS support mailing" <twsocket@elists.org> > Sent: Thursday, September 14, 2006 1:15 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Now it gives SEC_E_LOGON_DENIED. :( >> >> Regards, >> >> SZ >> >> ----- Original Message ----- >> From: "Fastream Technologies" <[EMAIL PROTECTED]> >> To: "ICS support mailing" <twsocket@elists.org> >> Sent: Thursday, September 14, 2006 12:30 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >>> Hello, >>> >>> I found the problem source pinpointed: >>> >>> >>> if Sec < 0 then >>> begin >>> {$IFDEF DEBUG_EXCEPTIONS} >>> Exception.CreateFmt('Init context failed: 0x%x', [Sec]); >>> // Sec -2146893048 (0x80090308) >>> >>> {$ELSE} >>> Result := ''; >>> FState := lsDoneErr; >>> Exit; >>> {$ENDIF} >>> end; >>> >>> When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so >>> works! >>> >>> Best Regards, >>> >>> SZ >>> >>> ----- Original Message ----- >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" <twsocket@elists.org> >>> Sent: Thursday, September 14, 2006 12:08 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Fastream Technologies wrote: >>>>> Also the unicode directive enabled, it does not compile! Perhaps >>>>> that could be a cure?! >>>> >>>> No, internally user names, domain names etc. are unicoded anyway. >>>> To enable the unicode versions of the SSPI functions you need to >>>> uncomment both defines in OverbyteIcsNtlmSsp.pas as well as in >>>> OverbyteIcsSspi.pas. >>>> >>>>> >>>>> Regards, >>>>> >>>>> SZ >>>>> >>>>> ----- Original Message ----- >>>>> From: "Fastream Technologies" <[EMAIL PROTECTED]> >>>>> To: "ICS support mailing" <twsocket@elists.org> >>>>> Sent: Thursday, September 14, 2006 11:40 AM >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>> >>>>> >>>>>> Hi Arno, >>>>>> >>>>>> I also wonder if this could be a lifetime/time zone problem? We >>>>>> are GMT+200. What is the timeout period of this authentication >>>>>> and did you consider different time zones? >>>>>> >>>>>> Best Regards, >>>>>> >>>>>> SZ >>>>>> >>>>>> ----- Original Message ----- >>>>>> From: "Fastream Technologies" <[EMAIL PROTECTED]> >>>>>> To: "ICS support mailing" <twsocket@elists.org> >>>>>> Sent: Thursday, September 14, 2006 11:31 AM >>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>>> >>>>>> >>>>>>> It is very strange that when I enabled DEBUG_EXCEPTIONS, it >>>>>>> worked and gave no errors/exceptions! But I cannot deploy in >>>>>>> this form... ;( >>>>>>> >>>>>>> SZ >>>>>>> >>>>>>> ----- Original Message ----- >>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>>> To: "ICS support mailing" <twsocket@elists.org> >>>>>>> Sent: Thursday, September 14, 2006 10:49 AM >>>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM >>>>>>> question) >>>>>>> >>>>>>> >>>>>>>> I tested with Opera successfully! >>>>>>>> >>>>>>>> Change the format string below in order to get a hex display >>>>>>>> like: raise Exception.CreateFmt('Init context failed: 0x%x', >>>>>>>> [Sec]); >>>>>>>> >>>>>>>> Post the hex value. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> Fastream Technologies wrote: >>>>>>>>> Hello, >>>>>>>>> >>>>>>>>> With FF, after msg3, >>>>>>>>> >>>>>>>>> Sec := FPSFT^.AcceptSecurityContext(@FHCred, >>>>>>>>> pHCtx, >>>>>>>>> @InBuffDesc, >>>>>>>>> >>>>>>>>> ASC_REQ_SEQUENCE_DETECT, // context requirements >>>>>>>>> >>>>>>>>> SECURITY_NATIVE_DREP, >>>>>>>>> @FHCtx, >>>>>>>>> @OutBuffDesc, >>>>>>>>> ContextAttr, >>>>>>>>> Lifetime); if Sec < 0 then >>>>>>>>> begin // enters here with Sec = -2^31 >>>>>>>>> {$IFDEF DEBUG_EXCEPTIONS} >>>>>>>>> raise Exception.CreateFmt('Init context failed: >>>>>>>>> %d', [Sec]); {$ELSE} >>>>>>>>> Result := ''; >>>>>>>>> FState := lsDoneErr; >>>>>>>>> Exit; >>>>>>>>> {$ENDIF} >>>>>>>>> end; >>>>>>>>> >>>>>>>>> Arno, do you have any idea? >>>>>>>>> >>>>>>>>> Best Regards, >>>>>>>>> >>>>>>>>> SZ >>>>>>>>> >>>>>>>>> ----- Original Message ----- >>>>>>>>> From: "Fastream Technologies" <[EMAIL PROTECTED]> >>>>>>>>> To: "ICS support mailing" <twsocket@elists.org> >>>>>>>>> Sent: Thursday, September 14, 2006 8:20 AM >>>>>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM >>>>>>>>> question) >>>>>>>>> >>>>>>>>> >>>>>>>>>> Here is the full log: >>>>>>>>>> >>>>>>>>>> FireFox 1.5.0.6: >>>>>>>>>> >>>>>>>>>> 13.09.2006 21:50:09 Connection Opened >>>>>>>>>> >>>>>>>>>> 13.09.2006 21:50:09 From Local >>>>>>>>>> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: >>>>>>>>>> Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) >>>>>>>>>> Gecko/20060728 Firefox/1.5.0.6..Accept: >>>>>>>>>> >>>>>>> >>>>>> >>>>> >>> >> > text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: >>>>>>>>>> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept- >>>>>>>>>> Charset: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: >>>>>>>>>> 300..Connection: keep-alive.... >>>>>>>>>> >>>>>>>>>> 13.09.2006 21:50:09 From Remote >>>>>>>>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate: >>>>>>>>>> NTLM..Content- Length: 629..Content-Type: >>>>>>>>>> text/html..Connection: keep- alive..Server: Fastream IQ >>>>>>>>>> Reverse Proxy....<HTML><HEAD><TITLE>401 Authorization ... >>>>>>>>>> >>>>>>>>>> 13.09.2006 21:50:17 From Local >>>>>>>>>> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: >>>>>>>>>> Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) >>>>>>>>>> Gecko/20060728 Firefox/1.5.0.6..Accept: >>>>>>>>>> >>>>>>> >>>>>> >>>>> >>> >> > text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: >>>>>>>>>> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept- >>>>>>>>>> Charset: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: >>>>>>>>>> 300..Connection: keep-alive..Authorization: NTLM >>>>>>>>>> TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA=.... >>>>>>>>>> >>>>>>>>>> 13.09.2006 21:50:17 From Remote >>>>>>>>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM >>>>>>>>>> >>>>>>> >>>>>> >>>>> >>> >> > TlRMTVNTUAACAAAADAAMADgAAAAFgooC/difEScUAFYAAAAAAAAAAEwATABEAAAABQEoCgAAAA9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEAAAAAAAAA..Content-Length: >>>>>>>>>> 629..Content-Type: text/html..Connection: keep-alive..Server: >>>>>>>>>> Fastream IQ Reverse Proxy....<HTML><HEAD><TITLE>401 >>>>>>>>>> Authorization ... >>>>>>>>>> >>>>>>>>>> 13.09.2006 21:50:17 From Local >>>>>>>>>> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: >>>>>>>>>> Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) >>>>>>>>>> Gecko/20060728 Firefox/1.5.0.6..Accept: >>>>>>>>>> >>>>>>> >>>>>> >>>>> >>> >> > text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: >>>>>>>>>> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept- >>>>>>>>>> Charset: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: >>>>>>>>>> 300..Connection: keep-alive..Authorization: NTLM >>>>>>>>>> >>>>>>> >>>>>> >>>>> >>> >> > TlRMTVNTUAADAAAAGAAYAGIAAAAYABgAegAAAAAAAABAAAAAFgAWAEAAAAAMAAwAVgAAAAAAAAAAAAAABYIIAEcAbwByAGsAZQBtACAAQQB0AGUAcwBsAGEAcAB0AG8AcABc2JyvFDVzpwAAAAAAAAAAAAAAAAAAAABShNO+26e7kFH0QwISJYTrsG5Xb3lYZkM=.... >>>>>>>>>> >>>>>>>>>> 13.09.2006 21:50:17 From Remote >>>>>>>>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM >>>>>>>>>> ..Content-Length: 629..Content-Type: text/html..Connection: >>>>>>>>>> keep-alive..Server: Fastream IQ Reverse >>>>>>>>>> Proxy....<HTML><HEAD><TITLE>401 ... >>>>>>>>>> >>>>>>>>>> Still asking for password here....Forever... >>>>>>>>>> >>>>>>>>>> IE6XP: >>>>>>>>>> >>>>>>>>>> 13.09.2006 21:48:06 Connection Opened >>>>>>>>>> >>>>>>>>>> 13.09.2006 21:48:06 From Local >>>>>>>>>> GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, >>>>>>>>>> image/jpeg, image/pjpeg, application/x-shockwave-flash, >>>>>>>>>> application/vnd.ms- excel, application/msword, >>>>>>>>>> application/vnd.ms-powerpoint, */*..Accept-Language: >>>>>>>>>> tr..Accept-Encoding: gzip, deflate..User- Agent: Mozilla/4.0 >>>>>>>>>> (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR >>>>>>>>>> 1.1.4322)..Host: fastream.homeip.net:82..Connection: Keep- >>>>>>>>>> Alive..Cookie: >>>>>>>>>> IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D.... >>>>>>>>>> >>>>>>>>>> 13.09.2006 21:48:06 From Remote >>>>>>>>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate: >>>>>>>>>> NTLM..Content- Length: 629..Content-Type: >>>>>>>>>> text/html..Connection: Keep- Alive..Server: Fastream IQ >>>>>>>>>> Reverse Proxy....<HTML><HEAD><TITLE>401 Authorization ... >>>>>>>>>> >>>>>>>>>> 13.09.2006 21:48:06 From Local >>>>>>>>>> GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, >>>>>>>>>> image/jpeg, image/pjpeg, application/x-shockwave-flash, >>>>>>>>>> application/vnd.ms- excel, application/msword, >>>>>>>>>> application/vnd.ms-powerpoint, */*..Accept-Language: >>>>>>>>>> tr..Accept-Encoding: gzip, deflate..User- Agent: Mozilla/4.0 >>>>>>>>>> (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR >>>>>>>>>> 1.1.4322)..Host: fastream.homeip.net:82..Connection: Keep- >>>>>>>>>> Alive..Authorization: NTLM >>>>>>>>>> >>>>>>> >>>>>> >>>>> >>> >> > TlRMTVNTUAABAAAAB7IIogkACQAuAAAABgAGACgAAAAFASgKAAAAD0xBUFRPUFdPUktHUk9VUA==..Cookie: >>>>>>> IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D.... >>>>>>>>>> >>>>>>>>>> 13.09.2006 21:48:06 From Remote >>>>>>>>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM >>>>>>>>>> >>>>>>> >>>>>> >>>>> >>> >> > TlRMTVNTUAACAAAADAAMADgAAAAFwoqi1rIk+abQsBfodhAAAAAAAEwATABEAAAABQEoCgAAAA9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEAAAAAAAAA..Content-Length: >>>>>>>>>> 629..Content-Type: text/html..Connection: Keep-Alive..Server: >>>>>>>>>> Fastream IQ Reverse Proxy....<HTML><HEAD><TITLE>401 >>>>>>>>>> Authorization ... >>>>>>>>>> >>>>>>>>>> 13.09.2006 21:48:06 From Local >>>>>>>>>> GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, >>>>>>>>>> image/jpeg, image/pjpeg, application/x-shockwave-flash, >>>>>>>>>> application/vnd.ms- excel, application/msword, >>>>>>>>>> application/vnd.ms-powerpoint, */*..Accept-Language: >>>>>>>>>> tr..Accept-Encoding: gzip, deflate..User- Agent: Mozilla/4.0 >>>>>>>>>> (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR >>>>>>>>>> 1.1.4322)..Host: fastream.homeip.net:82..Connection: Keep- >>>>>>>>>> Alive..Authorization: NTLM >>>>>>>>>> >>>>>>> >>>>>> >>>>> >>> >> > TlRMTVNTUAADAAAAAAAAAEgAAAAAAAAASAAAAAAAAABIAAAAAAAAAEgAAAAAAAAASAAAAAAAAABIAAAABcKIogUBKAoAAAAP..Cookie: >>>>>>> IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D.... >>>>>>>>>> >>>>>>>>>> 13.09.2006 21:48:06 From Remote >>>>>>>>>> HTTP/1.1 200 OK..Content-Type: text/html..Connection: Keep- >>>>>>>>>> Alive..Server: Fastream IQ Web/FTP Server..Content-Length: >>>>>>>>>> 14718..Content-Encoding: gzip..Set-Cookie: >>>>>>>>>> IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D; PATH=/; >>>>>>>>>> EXPIRES=Thu, 01 Jan 2009 21:48:06;"..Via: Fastream IQ Reverse >>>>>>>>>> Proxy.....<data here> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> I cut the data sections to obey the ICS list 40kB limit here. >>>>>>>>>> >>>>>>>>>> Best Regards, >>>>>>>>>> >>>>>>>>>> SZ >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> To unsubscribe or change your settings for TWSocket mailing >>>>>>>>>> list please goto >>>>>>>>>> http://www.elists.org/mailman/listinfo/twsocket Visit our >>>>>>>>>> website at http://www.overbyte.be >>>>>>>> -- >>>>>>>> To unsubscribe or change your settings for TWSocket mailing >>>>>>>> list please goto >>>>>>>> http://www.elists.org/mailman/listinfo/twsocket Visit our >>>>>>>> website at http://www.overbyte.be >>>>>>> >>>>>>> -- >>>>>>> To unsubscribe or change your settings for TWSocket mailing list >>>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>>>>> Visit our website at http://www.overbyte.be >>>>>> >>>>>> -- >>>>>> To unsubscribe or change your settings for TWSocket mailing list >>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>>>> Visit our website at http://www.overbyte.be >>>> -- >>>> To unsubscribe or change your settings for TWSocket mailing list >>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>> Visit our website at http://www.overbyte.be >>> >>> -- >>> To unsubscribe or change your settings for TWSocket mailing list >>> please goto http://www.elists.org/mailman/listinfo/twsocket >>> Visit our website at http://www.overbyte.be >> >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
