Microsoft ntlm client for Centos 8? - ntlm

I my network, all windows clients connect to the internet through a Microsoft TMG web proxy using the TMG official ntlm client.
But Linux devices have problem with ntlm.
How can I install an ntlm client in CentOS8 to connect it to the internet?
ps: I couldn't install cntlm on centos 8 which is not connected to the internet.

Related

Azure VNet Point to Site VPN and OpenVPN with Azure AD on MAC

I have setup an Azure VNet and a Point to Site VPN using the OpenVPN tunnel to maintain use of the Azure AD username and password for login.
I have sample .ovpn config files but they all require certificates, beyond what is provided by Azure.
Azure provides me with the following three files:
AzureVPN\azurevpnconfig.xml
Generic\VpnServerRoot.cer
Generic\VpnSettings.xml
How should I go about using these files to configure a .ovpn document allowing me to connect to this VPN using my MacBook?
My understanding is that the certs aren't needed since we're using a username and password to login? The downloaded VpnServerRoot.cer doesn't import to the OS Keychain...
Thank for any pointers!
Unfortunately, currently, MAC OS client is not available for connecting Azure point to site VPN with Azure AD authentication. The table below shows the client operating systems and the authentication options that are available to them. Refer to https://learn.microsoft.com/en-us/azure/vpn-gateway/work-remotely-support
With using the OpenVPN tunnel, you can select RADIUS and Azure Certificate authentication for your MAC OS X clients. For Mac clients, Read Configure OpenVPN clients for Azure VPN Gateway.
Only iOS 11.0 and above and MacOS 10.13 and above are supported with
OpenVPN protocol.
and Create and install VPN client configuration files for native Azure certificate authentication P2S configurations.

Is Azure AD application proxy on Windows Server core?

Is it possible to install and configure an Azure application proxy connector on windows server 2016 (Core), or does it only work on full (UI) server install?
It's possible. The Document states:
To use Application Proxy, you need a Windows server running Windows
Server 2012 R2 or later. You'll install the Application Proxy
connector on the server.
It seems you only need a windows server 2012 R2 or above. You can try to install the Application Proxy connector with commands.
Here is a tutorial for server core: Install & Register Azure AD Application Proxy Connector on Windows Server 1709
More references:
What is the Server Core installation option in Windows Server?
Create an unattended installation script for the Azure AD Application Proxy connector

Authentication Failure when accessing visualSVN server from linux svn client

Our VisualSVN server has "Integrated Windows Authentication" enabled, so I cannot access to it via Ubuntu/svn.
When I do this :
svn checkout http://MyRepo
I get these errors:
svn: E120191: Unable to connect to a repository at URL 'http://MyRepo'
svn: E120191: Error running context: The requested authentication type(s) are not supported.
Does anybody know a solution to this problem (other than not using Windows Authentication) ?
If you have Integrated Windows Authentication enabled, then your client computer has to be joined the Active Directory domain where VisualSVN Server resides (or at least trusted AD domain). In such case Integrated Windows Authentication will work from the Linux machine (over Kerberos or NTLM) without any problems.
For a non-domain Windows machine, it is always possible to put AD credentials to Windows Credential Manager and you could authenticate over IWA without any issues. I don't know any alternative on Linux for the tool but I guess that there has to be one.
You can enable Basic Windows Authentication in VisualSVN Server settings in addition to Integrated Windows Authentication. This way Linux-based should be able to authenticate over Basic.

FTP Server Require SSL Connection

In Azure, I set up the Windows Server 2012 R2 FTP service properly and have no problems connecting via the standard Windows 7 FTP client when the server-side setting is "Allow SSL". My endpoints are properly defined, etc.
However, when I change the setting to "Require SSL", I am unable to connect. I set endpoints for FTP SSL ports 989 and 990. I have a certificate installed properly (bound to HTTPS port 443). I selected the same certificate for use with FTP.
Note: When the server is set as "Allow SSL", Filezilla connects using TLS successfully. Neither FileZilla nor the Windows 7 FTP client can connect when the server is set as "Require SSL".
I want to require SSL connections when using the Windows 7 FTP client. I do not care about FileZilla (that was just for testing). I cannot find any walk-throughs or examples where the author uses the "Require SSL" setting on an Azure machine.
Suggestions to fix?

How to enable Windows 2003 as a WebDAV client?

I have written a program that uses webDAV to download documents from a sharepoint server. It works well with client OS (XP, Vista, 7) but it doesn't on the 2003 server it's supposed to work.
How can I enable WebDAV client (not server) on Windows server 2003 x86 ?
On Server 2003 Web Folders (WebDAV client) is not installed by default. You can install it from Microsoft website: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=15123
Note that this will install Web Folders extension. In case you wish to use Map Network Drive wizard (mini-redirector, another WebDAV client) follow this steps:
Make sure WebClient service is running. Open Services snap-in and find WebClient service. On Windows Server 2003 this service is disabled by default. If the service is disabled open WebClient Properties dialog and on General tab set Startup Type to Automatic. Restart the computer.
Your WebDAV server must be located on a default port 80. Map Network Drive wizard will fail to connect to any ports other than 80 displaying “The network path http://server/folder/ could not be found” message. Map Network Drive feature does not support SSL / HTTPS connections.
Your WebDAV server must accept anonymous connections or use Integrated Windows Authentication. Map Network Drive will fail to connect to WebDAV servers using Basic or Digest authentication. Use NTLM or Kerberos instead.
Connect to a folder on a WebDAV server rather than to the site root. The Map Network Drive wizard on Windows XP and Windows Server 2003 will fail to connect to URLs such as http://server/. Instead specify an existing folder: http://server/folder/.
The WebDAV client should be installed on all Windows since Windows 2000. Probably the service is not on by default for server platforms. Check if the WebClient service is running.

Resources