[Samba] NTLMv1 v. NTLMv2 ; more than one "identity" on a TCP connection
joeycollins at charter.net
Tue Dec 31 04:22:01 GMT 2002
Two questions for you this evening.
How do you tell the difference between NTLMv1-style authentication and
NTLMv2 style? The CIFS dialect NT LM 0.12 does both(?), so does not
appear in the NegProtRequest message (nor in the flags, near as I could
tell). Do you ascertain this by examining the SessionSetupAndX
message? If so, what parts?
Is it possible to have more than one CIFS "identity" on a TCP
connection? For example, say I open a TCP connection, authenticate
myself using NegProt/SessionSetupAndX/etc exchanges as user "foo"
password "bar", can I also establish another identity (i.e., do another
SessionSetupAndX exchange?) say, "hello" password "world" on the _same_
TCP connection? This seems to be enforced on the client-side because if
you try to connect to a share on a computer using a different identity,
it complains saying already connected. But, nothing comes over the
wire, so it is purely a client-internal decision. In the world of NTLM,
would the same EncryptionKey be used to respond to the challenge?
Exchanging another set of NegProt's is not allowed according to the SNIA
thanks so much, happy new year, and here's to wishing for a peaceful
More information about the samba