[Samba] authentication question- pls respond

[Javid Abdul-AJAVID1]

I was wondering what could cause some w2k clients being prompted for pasword
and login again and again ( laptops )

their registry for authentication is 

hklm\system\currentcontrolset\control\LSA is set to 1 ( user NTLMv2 session
security if negotied )

same thing on desktops has no issues.

same users when mapped to samba-2.2.4 has no problems 

samba is in domain mode. ( a account DC is serving client authenticatins )

samba server is member of resource domain.



-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Friday, June 14, 2002 10:17 AM
To: Javid Abdul-AJAVID1
Cc: samba at lists.samba.org
Subject: Re: [Samba] authentication question- pls respond


Javid Abdul-AJAVID1 wrote:
> 
> I am running samba-2.0.7 on solaris 2.6 in domain mode
> Windows clients are 98/nt/w2k
> 
> I was just wondering if 2.0.7 supports NTLMv2

NO.  Support for NTMv2 is only in HEAD.

> I am asking this because lately some w2k clients are having issues with
> authentication...
> 
> how do i check what if when client is requesting SMBnegprot to the server
> what NTLM version samba server is responding

This isn't 'negotiated', the client just sends what it likes.  

Samba HEAD has a multiphase generic security negotiation setup using
extended security (SPNEGO), but I'm not about to explain how that works
tonight :-)

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net