Windows authentication methods (probably a FAQ)

Christopher R. Hertel crh at
Sun Jul 20 04:36:56 GMT 2003

Antti Andreimann wrote:
> Hi!
> In recent times I have had to dig deep into the wonderful world of windows
> authentication methods and to be honest It seems like an awful mess to me.
> Can someone who knows the topic a bit better correct me on the following
> and shed some light into my confused mind:
> Windows can use the following authentication methods:
> 1. Plaintext passwords (also known as LM or lanmanager??)
> 2. NTLMv1. Is this the same as "encrypted passwords?"
> 3. NTDOM (SAM???). How is this related to NTLM?
> 4. NTLMv2. Is this basically LM or NTLM in an encrypted tunnel?
> 5. Kerberos tickets. Standard protocol with M$ own extension to carry NT
> "user identifiers". Altzheimer (or is it just a bad memory chip in my
> brain) keeps me from remembering how they were called.
> 6. Something I have missed?

The training course starts here:

See section 2.8, which covers all of the stuff you've asked about above,
most of it in euphorically painful detail.  :)

Once you've read that, there are more sources listed in the References

Chris -)-----

"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team --     -)-----   Christopher R. Hertel
jCIFS Team --   -)-----   ubiqx development, uninq.
ubiqx Team --     -)-----   crh at
OnLineBook --    -)-----   crh at

More information about the samba-technical mailing list