Following on from my earlier issue with AD join - now fully resolved - I now have a problem in a trust scenario. I've two domains in completely seperate forests with a one way trust, this is intended as a STUB domain to permit multiple domains to support SSO.
The issue is that although SSO works correctly in the master domain AND the NTLM seems to work properly and the user would appear to be accepted by the ASG it then hangs and fails to log any detail to http.log, no error messages are forthcoming.
I've checked that wbinfo reports the trust properly and that a wbinfo --authenticate=DOMAIN+username%password works correctly.
A packet capture shows that I'm done the GET /, received initial NTLM deny, sent NTLMSSP_NEGOTIATE, received NTLMSSP_CHALLENGE, finally sent NTLMSSP_AUTH with my correct username in DOMAIN\username form, at this point the connection hangs, leaving the proxy connection open indefinitely.
Please note that I've not been able to test this functionality in pre-7.075.
Please ask if you need any further details information, I'm happy to provide it.
Regards
Jason.
Guest User!
You are not Sophos Staff.
