Hi,
Been using Openfire 3.4.x on windows 2k3 for quite a while using ntlm sso with Norman’s patch with the Pandion client. Today decided it was about time to upgrade to 3.6.4. Upgrade went fine then went though the steps to reinstall the patch (7.1), trouble is it won’t accecpt ntlm logons. Plain logons work fine. The sasl plugin is shown as loaded but when ever a Pandion sso client attempts to logon I get .
Client wants to do a MECH we don't support: 'NTLM'
in the log
Pandion’s log shows
EVNT: Connecting to domain.com
SENT: <?xml version="1.0"?>
SENT: <stream:stream to="domain.com" xml:lang="en" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" version="1.0">
RECV: <stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="domain.com" id="667263cb" xml:lang="en" version="1.0">
RECV: <stream:features xmlns:stream="http://etherx.jabber.org/streams"><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"><required></required></starttls><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>PLAIN</mechanism></mechanisms></stream:features>
SENT: <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
RECV: <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"></proceed>
SENT: <stream:stream to="domain.com" xml:lang="en" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" version="1.0">
RECV: <stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="domain.com" id="667263cb" xml:lang="en" version="1.0">
RECV: <stream:features xmlns:stream="http://etherx.jabber.org/streams"><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>PLAIN</mechanism></mechanisms><compression xmlns="http://jabber.org/features/compress"><method>zlib</method></compression><auth xmlns="http://jabber.org/features/iq-auth"></auth></stream:features>
SENT: <compress xmlns="http://jabber.org/protocol/compress"><method>zlib</method></compress>
RECV: <compressed xmlns="http://jabber.org/protocol/compress"></compressed>
SENT: <stream:stream to="domain.com" xml:lang="en" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" version="1.0">
RECV: <stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="domain.com" id="667263cb" xml:lang="en" version="1.0">
RECV: <stream:features xmlns:stream="http://etherx.jabber.org/streams"><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>PLAIN</mechanism></mechanisms><auth xmlns="http://jabber.org/features/iq-auth"></auth></stream:features>
SENT: <auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="NTLM">TlRMTVNTUAABAAACB7IIogMAAwAuAAAABgAGACgAAAAFAs4OAAAAD1JFTU9URUtDUw==</auth>
RECV: <failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><not-authorized></not-authorized></failure>
SENT: </stream:stream>
RECV: </stream:stream>
EVNT: Disconnected
which implies the server is not advertising NTLM as one of the SASL mechanisms.
I have gone through all the steps again and made sure all the elements of the patch are installed. Any suggestions on where to look next? Thanks James