phpBB fails when there is more than one entry in the Active Directory

August 21, 2007

Today we had a problem with the NTLM authentication of phpBB, and we discovered that if you have more than one entry in the LDAP the authentication fails. As a workaround we commented out the following check in functions_ldap.php and functions_ldap_groups.php:

In functions_ldap.php:

    /*
    if ($query_result["count"] != 1) {
        $result = LDAP_INVALID_USERNAME;
    }
    else {
    */

In functions_ldap_groups.php:

    /*
    if ($query_result["count"] != 1) {
        $result = LDAP_INVALID_USERNAME;
    }
    else {
    */

Remember also to comment out one of the } that is left unmatched after the end of the else block.
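
An alternative that keeps the check instead of disabling it, as an added example that is not code from the phpBB LDAP mod: pick the single entry whose sAMAccountName equals the login name and reject the login if the result is still ambiguous. It assumes the extra entries differ in sAMAccountName; `pick_unique_entry`, `LDAP_AMBIGUOUS_USERNAME`, the constant values and the sample directory data are hypothetical.

```php
<?php
// Added example, not code from the phpBB LDAP mod. pick_unique_entry() and
// LDAP_AMBIGUOUS_USERNAME are hypothetical; the constant values are assumed.
define('LDAP_INVALID_USERNAME', 1);
define('LDAP_AMBIGUOUS_USERNAME', 2);

// $query_result has the shape returned by ldap_get_entries(): a "count" key
// plus numerically indexed entries with lower-cased attribute names.
function pick_unique_entry(array $query_result, $username)
{
    $matches = array();
    for ($i = 0; $i < $query_result['count']; $i++) {
        $entry = $query_result[$i];
        // Keep only entries whose login name is exactly the requested one.
        if (isset($entry['samaccountname'][0])
            && strcasecmp($entry['samaccountname'][0], $username) === 0) {
            $matches[] = $entry;
        }
    }
    if (count($matches) === 0) {
        return array(LDAP_INVALID_USERNAME, null);
    }
    if (count($matches) > 1) {
        // Fail closed and leave a trace for the directory administrators.
        error_log('Ambiguous LDAP match for ' . json_encode($username)
            . ': ' . count($matches) . ' entries');
        return array(LDAP_AMBIGUOUS_USERNAME, null);
    }
    return array(0, $matches[0]);
}

// Constructed sample data: the search returned two entries for one login.
$query_result = array(
    'count' => 2,
    0 => array(
        'dn' => 'CN=John Smith,OU=Staff,DC=example,DC=test',
        'samaccountname' => array('count' => 1, 0 => 'jsmith'),
    ),
    1 => array(
        'dn' => 'CN=John Smith (admin),OU=Admins,DC=example,DC=test',
        'samaccountname' => array('count' => 1, 0 => 'jsmith-adm'),
    ),
);

list($status, $entry) = pick_unique_entry($query_result, 'JSmith');
echo $status === 0 ? 'use ' . $entry['dn'] . "\n" : "rejected ($status)\n";
```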


how to check from the command line if ntlm_auth is working fine

August 16, 2007

We are trying to use only Kerberos; however, for some applications we still need NTLM. ntlm_auth is only intended to be used by other programs (Squid, mod_ntlm_winbind), but it is also useful for checking from the command line whether the authentication is working fine.

To check if a user can be authenticated with NTLM we can use:
 /usr/bin/ntlm_auth --username=<username> --domain=<domain> && echo authenticated || echo failure