I'm running Squid 2.7-stable4, Samba 3 and the Windows 7 RC with IE8.
I have NTLM authentication setup on my squid proxy server and it works fine for every combination of browser and Windows (including IE8 on XP and Firefox on Win7), but it doesn't work (keeps asking for authentication) for IE8 on Windows 7.
I can get it to work using the LmCompatibilityLevel registry hack, but I'd really prefer to get it working on the server.
Does anyone have any experience with this? Or know where to start looking? The samba logs don't reveal much.
EDIT: Here's what the wb-MYDOMAIN log says when I attempt to authenticate:
[2009/08/20 15:13:36, 4] nsswitch/winbindd_dual.c:fork_domain_child(1080)
child daemon request 13
[2009/08/20 15:13:36, 10] nsswitch/winbindd_dual.c:child_process_request(478)
process_request: request fn AUTH_CRAP
[2009/08/20 15:13:36, 3] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1755)
[ 4127]: pam auth crap domain: MYDOMAIN user: MYUSER
[2009/08/20 15:13:36, 0] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1767)
winbindd_pam_auth_crap: invalid password length 24/282
[2009/08/20 15:13:36, 2] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1931)
NTLM CRAP authentication for user [MYDOMAIN]\[MYUSER] returned NT_STATUS_INVALID_PARAMETER (PAM: 4)
[2009/08/20 15:13:36, 10] nsswitch/winbindd_cache.c:cache_store_response(2267)
Storing response for pid 4547, len 3240
Best Answer
Run local GP on W7 (don't remember but in the 2000 and 2003 it is gpedit.msc). Look for local machine policy-> computer config->windows setting->local policies->security option->Network security: LAN Manager authentication level
Set LM & NTLM - Use NTLMv2 session if negotited