[Samba] NTLMv1 v. NTLMv2 ; more than one "identity" on a TCP connection

Simo Sorce idra at samba.org
Tue Dec 31 09:44:00 GMT 2002

On Tue, 2002-12-31 at 05:21, Joey Collins wrote:
> Hello,
> Two questions for you this evening.  
> How do you tell the difference between NTLMv1-style authentication and
> NTLMv2 style?  The CIFS dialect NT LM 0.12 does both(?), so does not
> appear in the NegProtRequest message (nor in the flags, near as I could
> tell).  Do you ascertain this by examining the SessionSetupAndX
> message?  If so, what parts?

I let andrew answer NTLM related questions :)

> Is it possible to have more than one CIFS "identity" on a TCP
> connection?  For example, say I open a TCP connection, authenticate
> myself using NegProt/SessionSetupAndX/etc exchanges as user "foo"
> password "bar", can I also establish another identity (i.e., do another
> SessionSetupAndX exchange?) say, "hello" password "world" on the _same_
> TCP connection?

Yes it is possible, and it is what terminal servers do by default.

> This seems to be enforced on the client-side because if
> you try to connect to a share on a computer using a different identity,
> it complains saying already connected. But, nothing comes over the
> wire, so it is purely a client-internal decision.

This is a really stupid client issue.
In my opinion a password caching issue in that it seem a win client
associate a password with a machine name. I tried successfully to
connect to the same machine with 2 identities using netbios name in
first connection and ip number on the second (not sure it works on all
MS OSs).


Simo Sorce    -  idra at samba.org
Samba Team    -  http://www.samba.org
Italian Site  -  http://samba.xsec.it

More information about the samba mailing list