Centos8 - CEmailSenderModule - ntlm_auth - Unable to initialize messaging context!

[adriant 0]

 

Let me preface by saying this is my first time using ESET/ESMC.  Sorry in advance if i overlooked anything obvious.  Here goes;

Essentially, just trying to configure ESMC to connect to an Exchange 2013 SMTP server.  It's not able to authenticate using NTLM.  Centos8 running on a Linode VPS.  Wondering if maybe i should be running an older version of SAMBA-WINBIND-CLIENTS package a la Centos7.

[root@esmc ~]# uname -a
Linux domain.tld 4.18.0-193.14.2.el8_2.x86_64 #1 SMP Sun Jul 26 03:54:29 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

[root@esmc ~]# ntlm_auth -V
Version 4.11.2

tomcat9 running as tomcat:tomcat, behind nginx.  (tried running tomcat9 as root, no change)

/var/log/eset/RemoteAdministrator/Server/trace.log

2020-12-04 17:15:01 Error: CEmailSenderModule [Thread 7f8072737700]: Failed to process send email request with: Failed to process user password when initializing ntlm_auth with response: : Unable to initialize messaging context!<EOF>

2020-12-04 17:15:01 Error: ConsoleApiModule [Thread 7f805c70b700]: 4 Error while processing SendEmail request: Failed to process user password when initializing ntlm_auth with response: : Unable to initialize messaging context!<EOF>

 

[MartinK 378]

This might be really hard to analyze, but I would double check that SAMBA is correctly configured on the system and properly joined into domain. As you are connection to older SMTP server, it is possible that there might be even problem with used authentication protocols, as recent SAMBA versions no longer support legacy and no-longer-secure protocol.

[adriant 0]

This server is not joined to a domain, it's only trying to use ntlm_auth for the email module to send notifications.

My suspicion is that a regression was introduced when a CVE was closed off, judging by googling "unable to initialize messaging context"

I'm thinking some combination of syntax in the CEmailSenderModule + samba options + god knows what, is triggering the error, but is otherwise functional in both older and newer versions of samba.  It looks like people have been running into this bug sporadically ever since the CVE was patched.  ([PATCH] Fix bug 13465 (samba.org))

I inquired about possibly downgrading/upgrading the package in #centos and was informed;

Quote

that package gets rebased from 4.11.2-13.el8 to 4.12.3-12.el8.3 in 8.3 so f you wait a day or three then you should be able to just yum update to it

So, i'm hoping that the updated package resolves the issue.  I'll report back when i've updated.

[adriant 0]

I apologize for taking so long to get back to this.  I know the centos8.3 update occured over a week ago at this point, i've just been busy getting clients ready for the holidays.

I am happy to confirm that a simple `yum update samba-winbind-clients` resolved this bug for me :)