[Patch] Always start with the NTLMSSP_NEGOTIATE_ALWAYS_SIGN flag enabled

Volker Lendecke Volker.Lendecke at SerNet.DE
Wed Nov 22 09:35:04 GMT 2006

On Tue, Nov 14, 2006 at 09:40:29AM +0100, Kai Blin wrote:
> Testing in Windows shows that (at least for Windows 2000) NTLM always tries 
> the NTLMSSP_NEGOTIATE_ALWAYS_SIGN flag. It is needed to do the dummy signing 
> RPC uses if NTLMSSP_NEGOTIATE_SIGN is not negotiated.
> This patch always enables that flag at first and handles switching it of if 
> the communication partner does not support it.

Ok, just saw that XP->W2k3 does this even for CIFS
connections. So this is a +0.9 from me :-)

For the stupid Volker, can you explain a bit more what you
mean with "dummy signing RPC uses"? What is this exactly?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20061122/c7889625/attachment.bin

More information about the samba-technical mailing list