Hi Eric,
Are the Active Directory folks aware that OS X users can no longer
access Windows servers bound to the campus AD? This problem affects
10.3.3 and 10.2.8 users. We get the error message:
"Invalid name or password - You have entered an invalid user name or
password. Please try again."
Why wasn't the NTLMv2 upgrade tested to avoid this before it was
implemented. Is there a solution in the works?
Thank you,
Mark Ingles
DOCS/WSS
643-3107
On May 26, 2004, at 2:02 PM, Eric Chamberlain, CISSP wrote:
>> -----Original Message-----
>> From: owner-micronet-list@listlink.berkeley.edu
>> [mailto:owner-micronet-list@listlink.berkeley.edu] On Behalf
>> Of Ross S. Dmochowski
>> Sent: Wednesday, May 26, 2004 1:36 PM
>> To: micronet-list@calmail.berkeley.edu
>> Cc: bits-forum@calmail.berkeley.edu
>> Subject: [Micronet] ADmitMac Educational Pricing / pam_ldap
>>
>> http://www.thursby.com/products/admitmac-edu-pricing.html
>>
>> At $80 a seat, I don't know what kind of academics they think
>> they are pricing for...
>>
>> Bob, has UC ever purchased this before?
>> I looked through some old email, as I thought I remember
>> someone else asking about this awhile back.
>>
>> This really shores up the deficiencies (like lack of NTLMv2
>> support) in OS X offerings for LDAPS auth.
>>
>> Is anyone else using this, or just using the ActiveDirectory
>> aware components of OS X?
>>
>> anyone else using pam_ldap to authenticate against Active
>> Directory? :-)
>>
>
> For interoperability with campus services, Kerberos authentication
> should
> really be encouraged over LDAP. LDAP is not an authentication
> protocol and
> has a number of limitations. The most important being that unless it
> is
> properly configured to use SSL, it will send the password in cleartext.
>
> --
> Eric Chamberlain, CISSP
> Campus Active Directory Architect
> Central Computing Services
> University of California, Berkeley
> http://calnetad.berkeley.edu
>
>
>
>
> -----------------------------------------------------------------------
> -
> The following was automatically added to this message by the list
> server:
>
> For information about Micronet, including subscribing to
> or unsubscribing from its mailing list and finding out
> about upcoming meetings, please visit the Micronet Web site:
> <http://micronet.berkeley.edu/>.
>
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about MAGNet, its meetings and events, and its
mailing list, including information on subscribing and unsubscribing,
see the MAGNet Web site at <http://magnet.berkeley.edu/>.
Received on Wed May 26 17:15:21 2004
This archive was generated by hypermail 2.1.8 : Wed May 26 2004 - 17:15:21 PDT