GFI Software

Welcome to the GFI Software community forum! For support please open a ticket from https://support.gfi.com.

Home » GFI User Forums » Kerio Control » Authentications Problems (Active directory NTLM) (AD + NTLM.)
icon13.gif  Authentications Problems (Active directory NTLM) [message #115881] Wed, 03 September 2014 19:22 Go to next message
deftoner is currently offline  deftoner
Messages: 5
Registered: January 2005
Hi everybody, thanks for your time on reading this post.

I have the lastest kerio control (8.3.4 build 2461), joined to Active Directory domain.

Everything there is ok, I see the users. The automatic log on NTLM is working BUT:

- I had some computers on the network that aren't part of the domain, so I want it to login "by hand"
- The Login screen of kerio control is shown perfectly, first an apache like login appear, when I enter the user then redirected to servername.domain.com an Kerio login screen appear. The URL is:
https://servername.domain.com:4081/login/?orig=XXXXXXXXXXXXX XXXXXXX%3D&dest=XXXXXXXXXXXXXXXXXXXXX%3D%3D&host=XXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX&NTLM=0
- I try any user an fail the login, BUT if I modify the url by hand to: https://servername.domain.com:4081/login/ its automaticly login (I guess using the credentials previously entered on the apache like windows) or by modifying the url and changing NTLM=0 to NTLM=1

So I guess that kerio try to autenticate local user and not using the list of users from domain.

So IF the problem is that kerio try to use local base, there is any method to use Domain users by default?

Any idea?

As second problem (but less important) I cant conect to admin console using active directory users (regardless if I put as admin or not on kerio), I got to create local users for administracion (not big deal for that)

Thanks again for the time on reading this.

Hope you have a nice day.

PD: Just in case, I have 6 building with kerio control + vpn and I'm upgrading from the old windows version to the stand alone (linux), and forcing users to be loged to navigate for security reasons, this is the first building that I Upgraded

Report message to a moderator

Re: Authentications Problems (Active directory NTLM) [message #115937 is a reply to message #115881] Fri, 05 September 2014 13:41 Go to previous messageGo to next message
trisse is currently offline  trisse
Messages: 19
Registered: July 2013
same here! i dont have a solution for that.. maybe a bug?

Report message to a moderator

Re: Authentications Problems (Active directory NTLM) [message #116368 is a reply to message #115937] Sat, 27 September 2014 02:38 Go to previous messageGo to next message
exportgoldman is currently offline  exportgoldman
Messages: 14
Registered: February 2009

We have the same problem, and have been playing around with the settings for the last month. Running latest release of Kerio on a rack mount appliance box.

Cannot get the captive portal to be captive, so no redirects at all browsing if your not logged in.

We have it to the stage now where if we put NTLM=1 on the URL with the correct IE security settings it will auto logon.

Report message to a moderator

Re: Authentications Problems (Active directory NTLM) [message #116862 is a reply to message #115881] Tue, 21 October 2014 09:47 Go to previous messageGo to next message
abteen is currently offline  abteen
Messages: 1
Registered: October 2014
same problem here.it seems that daylight savings was the cause of the problem.

Report message to a moderator

Re: Authentications Problems (Active directory NTLM) [message #116864 is a reply to message #116862] Tue, 21 October 2014 09:59 Go to previous messageGo to next message
generator is currently offline  generator
Messages: 21
Registered: May 2004
Same problem Back to 8.3.4 !!!

8.4.0 Not usable in ActiveDirectory NTLM

Report message to a moderator

Re: Authentications Problems (Active directory NTLM) [message #116879 is a reply to message #115881] Tue, 21 October 2014 16:43 Go to previous messageGo to next message
deftoner is currently offline  deftoner
Messages: 5
Registered: January 2005
BTW, adding info to this issue. If the computer just surft to https website, will never login. No redirect or autologin when the traffic is https only.

Report message to a moderator

Re: Authentications Problems (Active directory NTLM) [message #116976 is a reply to message #116864] Fri, 24 October 2014 14:32 Go to previous messageGo to next message
miyzfrider is currently offline  miyzfrider
Messages: 12
Registered: July 2011
Was this verified by Kerio someplace? I am having NTLM automatic authentication issues (not working) now after upgrading to 8.4 as well, and can only assume that it's due to the upgrade given it was working just fine on our network before I did the update. Did Kerio acknowledge this issue?

[Updated on: Sat, 25 October 2014 16:31]

Report message to a moderator

Re: Authentications Problems (Active directory NTLM) [message #116998 is a reply to message #116976] Sat, 25 October 2014 16:21 Go to previous messageGo to next message
deftoner is currently offline  deftoner
Messages: 5
Registered: January 2005
Hey miyzfrider, thanks for the feedback.

I'm on 8.3.4 and upgrading to 8.4 to see if works for me.

There is nothing about ntlm auth on the changelog, nothing even close to the subject in fact.

I will try if this works for me and post it here about Monday.

Thanks again.

Report message to a moderator

Re: Authentications Problems (Active directory NTLM) [message #116999 is a reply to message #116998] Sat, 25 October 2014 16:30 Go to previous messageGo to next message
miyzfrider is currently offline  miyzfrider
Messages: 12
Registered: July 2011
I downgraded back to 8.3.4 build 2461 and NTLM is working just fine again. I reached out to tech support and was basically told it was likely my configuration must be incorrect. Not sure how that conclusion can be reached when it worked fine before updating to 8.4, then after upgrading it stopped working, now it works fine again after downgrading to 8.3.4. There has to be something in the authentication function that has changed. Hopefully they will look further into it and find a solution. Till then, we'll stay on 8.3.4.

[Updated on: Sat, 25 October 2014 16:32]

Report message to a moderator

Re: Authentications Problems (Active directory NTLM) [message #117016 is a reply to message #116999] Mon, 27 October 2014 02:07 Go to previous messageGo to next message
mlee (Kerio)
Messages: 211
Registered: October 2012
Location: Sydney
@miyzfrider I see from your message on 27 Oct to Technical Support that your NTLM now works after following the steps in the NTLM Knowledge Base article, I assume it is http://kb.kerio.com/735 .

M.

PTSD. BP. OCD. ASPD. BPD. Certified.

Report message to a moderator

Re: Authentications Problems (Active directory NTLM) [message #117017 is a reply to message #117016] Mon, 27 October 2014 02:16 Go to previous messageGo to next message
miyzfrider is currently offline  miyzfrider
Messages: 12
Registered: July 2011
Yes, that is the correct KB article.

Report message to a moderator

Re: Authentications Problems (Active directory NTLM) [message #117064 is a reply to message #117017] Tue, 28 October 2014 13:23 Go to previous messageGo to next message
miyzfrider is currently offline  miyzfrider
Messages: 12
Registered: July 2011
Just a comment to everyone reading this thread and also experiencing NTLM issues after upgrading...it appears that NTLM authentication may not have been working correctly, or at least as Kerio thought, in prior versions. We didn't have to set the browser settings mentioned in the KB article referenced above to have NTLM work, with the exception of Firefox. But we never went into IE settings like described in the article and NTLM authentication worked fine. Now, after the upgrade, even after making the setting adjustments in IE, NTLM does not work. It does work in Firefox however if you add the Kerio machine FQDM to the appropriate setting referenced in the KB article, at least on our network.

I will reach back out to Kerio tech support as this definitely seems to be something in the new version.

I'll post back if I hear anything.

[Updated on: Tue, 28 October 2014 13:56]

Report message to a moderator

Re: Authentications Problems (Active directory NTLM) [message #117076 is a reply to message #117064] Tue, 28 October 2014 15:21 Go to previous messageGo to next message
Hamidreza is currently offline  Hamidreza
Messages: 2
Registered: October 2014
Location: Iran
UP! i have same problem Sad in 8.4.0

Report message to a moderator

Re: Authentications Problems (Active directory NTLM) [message #117160 is a reply to message #115881] Thu, 30 October 2014 08:50 Go to previous messageGo to next message
SvdH is currently offline  SvdH
Messages: 2
Registered: October 2014
Hi all,

Does any of you using the Active Directory for VPN and is that still working?
My problem is that Active Directory users can't log on by VPN.

This is happening since the last update.

Grtz

[Updated on: Thu, 30 October 2014 08:51]

Report message to a moderator

Re: Authentications Problems (Active directory NTLM) [message #117445 is a reply to message #117160] Wed, 12 November 2014 01:16 Go to previous messageGo to previous message
miyzfrider is currently offline  miyzfrider
Messages: 12
Registered: July 2011
Yes, we are having the VPN logging in issue as well with NTLM in 8.4. I again downgraded until this is fixed.

Report message to a moderator

Previous Topic: Kerio interface not see more than " USB2 Ethernet adapter" under tab Internet Interfaces
Next Topic: Remote Access to Kerio Control Console
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Sun Apr 02 10:15:38 CEST 2023

Total time taken to generate the page: 0.03547 seconds
.:: Contact :: Home :: Acceptable Use Policy ::.

Powered by: FUDforum 3.0.9.
Copyright ©2001-2022 FUDforum Bulletin Board Software