Question on NTLMv2 over SMB

Andrew Bartlett abartlet at
Tue Jun 28 04:08:19 GMT 2005

On Mon, 2005-06-27 at 21:02 -0700, Yimin Chen wrote:
> Hi Andrew,
> Thanks for your response. What I was testing was pass-through 
> authentication, so my program is acting as proxy and handing the LMv2 
> response from browser to the domain controller. My program is not 
> encoding the LMv2 response.

Check you are not messing up the username and domain, which are part of
the response. 

> Client browser actually sent both LMv2 and NTLMv2 response, I just 
> handed over the LMv2 response in the CaseInsensitivePassword field, 
> while leaving the CaseSensitivePassword empty. Is this the right way to 
> do it, if I just wanted to see whether the DC will honor the LMv2 response?

That sounds right.

Andrew Bartlett

Andrew Bartlett                      
Samba Developer, SuSE Labs, Novell Inc.
Authentication Developer, Samba Team 
Student Network Administrator, Hawker College
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list