[unixODBC-support] isql and FreeTDS vs NTLM

Stefan Radman Stefan.Radman at CTBTO.ORG
Tue Jul 4 09:31:55 BST 2006

The FreeTDS driver is maintained by the FreeTDS project and therefore this should go to the FreeTDS list:

Domain logins can be used only with TDS protocol versions 7.0 and 8.0.

It seems that you have configured the protocol version (7 or 8) only in freetds.conf 
but are using an ODBC-only configuration 
where the attributes are only read from odbc.ini and without TDS_Version specified it uses the default version 5 that does not support NTLM auth.

Either create a proper ODBC-combined configuration
referencing your DataServer name in freetds.conf or
add the TDS_Version attribute to your DSN in the odbc.ini (for ODBC-only).


> -----Original Message-----
> From: unixodbc-support-bounces at easysoft.com 
> [mailto:unixodbc-support-bounces at easysoft.com] On Behalf Of 
> Spörlein Ulrich
> Sent: Tuesday, 04 July, 2006 09:53
> To: unixodbc-support at easysoft.com
> Subject: [unixODBC-support] isql and FreeTDS vs NTLM
> Hi,
> I set up unixODBC 2.2.11 and FreeTDS 0.63 on a FreeBSD 6.1 
> machine and I'd like to access an MS SQL server. This works 
> fine when using 'tsql' and my username of 
> 'DOMAIN\u.spoerlein'. Yes, I need to authenticate with my 
> domain login.
> When using the isql tool, it connects to the MS SQL server 
> (as seen by tcpdump) and sends the login name and password in 
> clear text (tsql uses NTLMSSP). If isql is using the TDS 
> driver, why isn't it using NTLM as well? Anyway, 'isql' is 
> not working, as the MS SQL server will terminate the 
> connection immediately after receiving the login credentials.
> Ethereal decodes the tsql packets as 'TDS7/8 Login Packet, 
> NTLMSSP_NEGOTIATE' whereas the isql packets are simply 
> labelled 'Login Packet'.
> Any hints?
> -- 
> Ulrich Spoerlein, IT-Operations
> Client Vela GmbH, Albert-Roßhaupter-Straße 32, 81369 München, Germany
> This e-mail may contain confidential and/or privileged 
> information. If you are not the intended recipient (or have 
> received the e-mail in error) please notify the sender 
> immediately and destroy this e-mail. Any unauthorized 
> copying, disclosure or distribution of the material in this 
> e-mail is strictly forbidden.
> _______________________________________________
> unixODBC-support mailing list
> unixODBC-support at easysoft.com
> http://mail.easysoft.com/mailman/listinfo/unixodbc-support

More information about the unixODBC-support mailing list