[Samba] Re: Stumbling blocks moving to NTLMv2
Quinn Fissler
qfissler at gmail.com
Tue Sep 25 17:03:56 GMT 2007
Is there a type in this text?
(from http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/securing-samba.html)
NTLMv2 Security
To configure NTLMv2 authentication, the following registry keys are
worth knowing about:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"lmcompatibilitylevel"=dword:00000003
The value 0x00000003 means to send NTLMv2 response only. Clients
will use NTLMv2 authentication; use NTLMv2 session security if the
server supports it. Domain controllers accept LM, NTLM, and NTLMv2
authentication.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0]
"NtlmMinClientSec"=dword:00080000
The value 0x00080000 means permit only NTLMv2 session security. If
either NtlmMinClientSec or NtlmMinServerSec is set to 0x00080000, the
connection will fail if NTLMv2 session security is negotiated.
More information about the samba
mailing list