Server side support of MSV1_0_ALLOW_MSVCHAPV2 flag

Andrew Bartlett abartlet at
Mon Oct 24 21:41:13 UTC 2016

On Sat, 2016-10-22 at 21:11 +0300, Sergey Urushkin wrote:
> Hello!
> As I see, samba 4.5 doesn't respect MSV1_0_ALLOW_MSVCHAPV2 flag when 
> acting as a server. This flag allows using mschapv2 with radius (VPN
> and 
> 802.1x) and is more secure than just "ntlm auth = yes" at the same
> time.
> I think many administrators would be glad to have an ability to set 
> "ntlm auth = mschapv2".
> Client support has been already added here:
> 318be7079b777237c
> Thanks for attention.

Any chance of crafting a patch?


Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team
Samba Development and Support, Catalyst IT

More information about the samba-technical mailing list