NTLM SSO stopped working all of a sudden

NTLM SSO stopped working all of a sudden

by Conn Warwicker -
Number of replies: 5
Picture of Core developers Picture of Plugin developers

The NTLM single sign on for one of our moodle has suddenly stopped working today, and takes us to the Windows security login prompt which doesn't accept any details that you enter into it, so ends up with you on a 401 Authorization Required error page.

I've put in a test script:

<?php

echo (isset($_SERVER['REMOTE_USER'])) ? 'OK' : 'NO';

?>

Under the directory our ntlm is configured to in the httpd.conf, and it cannot find the remote_user anymore, but nothing has changed on our server at all.

Any ideas what this might be?

Could it be that the site is not listed as a trusted site anymore on our network? (I've checked my interet options - local intranet zone sites and it is in there...)


Cheers.

Average of ratings: -
In reply to Conn Warwicker

Re: NTLM SSO stopped working all of a sudden

by Dave Perry -
Picture of Testers

So, the server is still in the same AD domain as the computers, moodle NTLM options have the right subnet mask in, and the ntlmmagic file still has the 'authentication = by windows' setting?

Average of ratings: -
In reply to Dave Perry

Re: NTLM SSO stopped working all of a sudden

by Conn Warwicker -
Picture of Core developers Picture of Plugin developers

Yes to the first 2. Can't see that setting in our file (Moodle 2.6), but I haven't changed it and we have the same file across several moodles and it works on the others, so I'm guessing yes.

I'm thinking it's more a server/network thing than Moodle though, as when I manually test it in the command line, with:


ntlm_auth --username=ouruser --password=ourpassword --domain=ourdomain


We get NT_STATUS_NO_LOGON_SERVERS

Average of ratings: -
In reply to Conn Warwicker

Re: NTLM SSO stopped working all of a sudden

by Conn Warwicker -
Picture of Core developers Picture of Plugin developers

Fixed it now.

After much faffing around with it, we just restarted the whole server and it fixed itself.

Hate technology.

Average of ratings: -
In reply to Conn Warwicker

Re: NTLM SSO stopped working all of a sudden

by Dave Perry -
Picture of Testers

Glad to hear it. AD is a PITA when it wobbles, and a reset normally required! When I used to be a desktop tech when I was at uni, my work placement place we were often detaching then re-attaching desktops to our domain to fix half the odd weird problems we came across!

Average of ratings: -
In reply to Conn Warwicker

Re: NTLM SSO stopped working all of a sudden

by Conn Warwicker -
Picture of Core developers Picture of Plugin developers

Hi me,

It happened again and I found your previous post.

If it happens again in future, restart winbind and smb services then do the net ads join again. Also check the Moodle SSO settings to make sure you've got the up to date list of subnets.


Average of ratings: -