Encrypted password support fails

Andrew Bartlett abartlet at samba.org
Wed Oct 30 21:55:02 GMT 2002

Steve Holstead wrote:
> I am running samba 2.2.4 on AIX 4.3.3.
> I am having a little problem with encrypted password support. Most of
> my client machines will connect okay. However, I have a couple of
> machines (win2000) that fail at logon time. I ran a tcpdump and had a look
> at what was happening....
> Negotiate protocol response says we'll talk at > lanman2.1
> Tree Connect AndX Request says here is my:
>         ANSI password of length 24
>         and
>         Unicode password of length 106
> Tree Connect AndX Response says "invalid password"
> All my successful clients have a ANSI and Unicode passwd len of 24. Does anyone know what would cause a win2000 client to send me a password of
> 106?

That's NTLMv2, which Samba 2.2 does not support.  It is configured
either by system policy, or the LMcomatiblityLevel Registry setting. 
(MS has some docs on it in the KB).

Samba 3.0 has support for this, but I need to double-check our NTLMSSP
implementation (some things changed there that I may have broken it).

Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

More information about the samba-technical mailing list