[Samba] Samba 3 and NTLMv2 support
Andrew Bartlett
abartlet at samba.org
Tue Mar 2 06:19:47 GMT 2004
On Tue, 2004-03-02 at 11:28, Ron Dhillon wrote:
> Hi:
>
> I have Samba 3.0.2a running on Fedora Core 1. This server is set to be
> Domain PDC and I am looking to have clients attach to it NTLMv2 only.
> After looking over the man page for smb.conf, I have set the two options
> that I thought would accomplish:
>
> [Global]
> lanman auth = no
> ntlm auth = no
>
> On the workstation side, I have set
> HKLM\SYSTEM\CurrentControlSet\Control\Lsa\lmcompatibilitylevel to "5".
> When I try to join the clients to the domain, I get the error:
>
> "Logon Failure: Unknown Username or Bad Password"
Ahh. Is this issue only in the domain join process? Or once machines
are joined, do they still do the same thing?
> If I change the line, in smb.conf, for ntlm auth to "yes" and set the
> client registry key to "2" then I have no problem. NTLMv1 seems to be
> negotiated without any problems but NTLMv2 hasn't been quite so easy.
>
> Any suggestions would be appreciated!
I'll need to see level 10 debug logs, and an ethereal trace before I can
give you a decent answer on this. The client may not be sending it
right, or we might not be reading it right.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040302/66bc395a/attachment.bin
More information about the samba
mailing list