Luke Kenneth Casson Leighton lkcl at samba.org
Sun Nov 21 20:15:53 GMT 1999

[this msg cross-posted to samba and cifs lists]

you remember i said in the inter-domain post that administrators setting
user passwords with USRMGR.EXE wouldn't work (and also therefore with
rpcclient) when you use "client/server ntlmv2 = yes/auto" and
client/server LMCompatibilityLevel=0x3/0x5 [which enables NTLMv2 on samba
and NT respectively]?

well, i lied :-) i just fixed it :-)

the only remaining thing left is _users_ setting user passwords (i.e their
own password using ctrl-alt-delete, change password), as that is encrypted
MSRPC using NTLMSSP, and when NTLMv2 is negotiated i have no clue how to
generate the sign / seal traffic.

anyone any clues?  i need the client and server magic constants that
generate the sign / seal keys.


<a href="mailto:lkcl at samba.org"   > Luke Kenneth Casson Leighton    </a>
<a href="http://www.cb1.com/~lkcl"> Samba and Network Development   </a>
<a href="http://samba.org"        > Samba Web site                  </a>
<a href="http://www.iss.net"      > Internet Security Systems, Inc. </a>

More information about the samba-ntdom mailing list