Disabling all NTLM authentication variations
Luke Howard
lukeh at padl.com
Sat Jan 28 23:34:47 GMT 2006
You could try stopping the NTLMSSP service. But I'm not sure how
well it would work, NTLM is still required for things like changing
passwords as far as I'm aware.
-- Luke
>From: Joey Collins <joeycollins at charter.net>
>Subject: Disabling all NTLM authentication variations
>To: Samba Technical <samba-technical at lists.samba.org>
>Date: Sat, 28 Jan 2006 15:37:46 -0500
>
>
>Hi Gang -
>
>Does anyone know if it is possible to disable all forms of NTLM
>authentication on a Windows 2000 or Windows 2003 server? I.e., I want
>to only accept kerberos. In the negotiate protocol response, I'd like
>to only have Kerberos as the listed auth protocol. Any one know how? I
>tried playing with the local policy and it only seems to be able to
>limit LM, NTLM and NTLMv2.
>
>thanks,
>
>Joey.
--
More information about the samba-technical
mailing list