[Samba] Remove LanMan auth from the AD DC and possibly file server?

Björn JACKE bjacke at SerNet.DE
Mon Feb 7 17:06:34 UTC 2022

On 2022-01-27 at 07:00 +1300 Andrew Bartlett via samba-technical sent off:
> No, you got my meaning perfectly.  Even for Win9X there is, from
> memory, some strange update to make it do 'raw NTLMv2', instead of LM.
> I really think we should be able to ditch this, ideally across the
> codebase but certainly in the AD DC, in 2022.

okay, with the AD DC I agree, I think we can remove it there.

For local SAM's users I would vote to keep LM hashes supported until we ditch
SMB1 anyway in the not so far future. There are really still people relying on

SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: 0551-370000-0, mail: kontakt at sernet.de
Gesch.F.: Dr. Johannes Loxen & Reinhild Jung
AG Göttingen: HR-B 2816 - https://samba.plus/

More information about the samba mailing list