[unixODBC-support] isql and FreeTDS vs NTLM

Stefan Radman Stefan.Radman at CTBTO.ORG
Tue Jul 4 09:31:55 BST 2006


The FreeTDS driver is maintained by the FreeTDS project and therefore this should go to the FreeTDS list:

Domain logins can be used only with TDS protocol versions 7.0 and 8.0.
http://www.freetds.org/userguide/domains.htm

It seems that you have configured the protocol version (7 or 8) only in freetds.conf 
but are using an ODBC-only configuration 
http://www.freetds.org/userguide/odbcinionly.htm
where the attributes are only read from odbc.ini and without TDS_Version specified it uses the default version 5 that does not support NTLM auth.

Hint:
Either create a proper ODBC-combined configuration
http://www.freetds.org/userguide/odbcombo.htm
referencing your DataServer name in freetds.conf or
add the TDS_Version attribute to your DSN in the odbc.ini (for ODBC-only).

Stefan

> -----Original Message-----
> From: unixodbc-support-bounces at easysoft.com 
> [mailto:unixodbc-support-bounces at easysoft.com] On Behalf Of 
> Spörlein Ulrich
> Sent: Tuesday, 04 July, 2006 09:53
> To: unixodbc-support at easysoft.com
> Subject: [unixODBC-support] isql and FreeTDS vs NTLM
> 
> Hi,
> 
> I set up unixODBC 2.2.11 and FreeTDS 0.63 on a FreeBSD 6.1 
> machine and I'd like to access an MS SQL server. This works 
> fine when using 'tsql' and my username of 
> 'DOMAIN\u.spoerlein'. Yes, I need to authenticate with my 
> domain login.
> 
> When using the isql tool, it connects to the MS SQL server 
> (as seen by tcpdump) and sends the login name and password in 
> clear text (tsql uses NTLMSSP). If isql is using the TDS 
> driver, why isn't it using NTLM as well? Anyway, 'isql' is 
> not working, as the MS SQL server will terminate the 
> connection immediately after receiving the login credentials.
> 
> Ethereal decodes the tsql packets as 'TDS7/8 Login Packet, 
> NTLMSSP_NEGOTIATE' whereas the isql packets are simply 
> labelled 'Login Packet'.
> 
> Any hints?
> 
> -- 
> Ulrich Spoerlein, IT-Operations
> Client Vela GmbH, Albert-Roßhaupter-Straße 32, 81369 München, Germany
>  
> This e-mail may contain confidential and/or privileged 
> information. If you are not the intended recipient (or have 
> received the e-mail in error) please notify the sender 
> immediately and destroy this e-mail. Any unauthorized 
> copying, disclosure or distribution of the material in this 
> e-mail is strictly forbidden.
> 
> _______________________________________________
> unixODBC-support mailing list
> unixODBC-support at easysoft.com
> http://mail.easysoft.com/mailman/listinfo/unixodbc-support
> 




More information about the unixODBC-support mailing list