[Samba] MSCHAPv2 and NTLMv2
Andrew Bartlett
abartlet at samba.org
Fri Mar 10 21:11:32 GMT 2006
On Fri, 2006-03-10 at 11:10 -0800, Raj Talwar wrote:
> Is it possible to use NTLMv2 with MSCHAPv2 (using ntlm_auth and winbindd). What do I need to put in the smb.conf to make this work.
MSCHAPv2 is encryption compatible with NTLM, not NTLMv2. (It simply
changes how the 8-byte LM challenge is prepared, and removes the LM
response).
The client cannot (while sending a valid MSCHAPv2 response) us the
NTLMv2 crypto.
However, if as I suspect the issue regards the policy settings which
appear to allow MSCHAPv2 from a windows RADIUS server, but not a Samba
ntlm_auth/winbind server, to a domain allowing only NTLMv2
authentication, then I remain stumped. See my mail earlier today.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20060311/97844a76/attachment.bin
More information about the samba
mailing list