Samba 3.0.21 & NTLMSSP with NTLMv2
Andrew Bartlett
abartlet at samba.org
Fri Feb 3 22:15:13 GMT 2006
On Fri, 2006-02-03 at 09:06 -0800, Jeremy Allison wrote:
> On Fri, Feb 03, 2006 at 11:34:29AM +0300, Jet Info wrote:
> > Hi, Andrew & Samba Team!
> >
> > I read the archive of samba-technical posted on May 17 00:06:40 GMT 2003 (link
> > http://lists.samba.org/archive/samba-technical/2003-May/029542.html) and I have
> > same problem:
> > If I configure my Domain to "use NTLMv2 only, refuse LM&NTLM" and configure samba
> > to use NTLMv2 (client NTLMv2 auth = Yes client lanman auth = No), I can
> > successfully connect to a samba share.
> > But if I also configure XP client
> > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0]
> > "NtlmMinClientSec"=dword:00080000 - "Minimum session security for NTLMSSP based
> > (including secure RPC) clients - require NTLMv2 session security. I got 'the
> > network request is not supported.' at the XP client
> > Does new Samba version support NTLMv2 in NTLMSSP?
> > If not, Is it planned to include this option in future?
>
> Samba 3.0.21a and b support NTLMv2 in NTLMSSP (based on the
> hard work of Andrew Bartlett !).
Please try that version, and let me know. Also avoid any 'username
map', and use it from a domain logon context, for best results.
The issues with NTLMv2 are often due to a checksum over the exact form
of the username and domain. We may need to be more careful.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20060204/2252f94d/attachment.bin
More information about the samba-technical
mailing list