zachary.loafman at isilon.com
Mon Nov 19 16:56:18 GMT 2007
> -----Original Message-----
> From: Gerald (Jerry) Carter [mailto:jerry at samba.org]
> >> if the negotiation says it's allowed?
> > At least I don't see any. Maybe abartlet wants to comment
> > here?
> I didn't think NTLMv2 was negotiated.
Yeah, I discovered after my first message that the NTLM2 flag was for NTLM2 session support.
This could be queried out of the group policy, but is there a known case where a DC will offer NTLM2-session-support but not be able to handle NTLMv2-auth? If so, use of NTLMv2 auth could be keyed off whether the DC was offering NTLM2 session, and realistically, NTLMv2 auth is supported by 99.9% of the MS DCs out there.
More information about the samba-technical