Disabling LM authentication

Mayers, Philip J p.mayers at ic.ac.uk
Tue Nov 28 14:00:18 GMT 2000

Win2K does it as a client setting "Don't send LM hash", "Don't sent NTLMv1


| Phil Mayers, Network Support     |
| Centre for Computing Services    |
| Imperial College                 |

-----Original Message-----
From: David Collier-Brown [mailto:David.Collier-Brown at canada.sun.com]
Sent: 28 November 2000 12:39
To: Gerald Carter
Cc: Steve Langasek; samba-technical at samba.org
Subject: Re: Disabling LM authentication

Gerald Carter wrote:
> I never said it was perfect.  :-)  It only addresses
> the brute forcing of lanman passwords in the event that
> somone gets you smbpasswd file.
> In the light of this I can see where DCB's patch would
> be useful now.  I'll talk to Jeremy and stick it in.

	However, subsequent discussion shows
	that it won't really help this case...

	We need a specific "no lanman hashes" mechanism
	that doesn't break clients. Anyone care to
	suggest a good way to do that?

David Collier-Brown,  | Always do right. This will gratify some people
185 Ellerslie Ave.,   | and astonish the rest.        -- Mark Twain
Willowdale, Ontario   | //www.oreilly.com/catalog/samba/author.html
Work: (905) 415-2849 Home: (416) 223-8968 Email: davecb at canada.sun.com

More information about the samba-technical mailing list