Using Samba for HTTP-NTLM-authentication?
Tim Potter
tpot at samba.org
Fri Jul 12 13:51:03 GMT 2002
On Sat, Jul 13, 2002 at 06:23:38AM +0930, Richard Sharpe wrote:
> > Nope. There's a challenge sent by either the server and then the client
> > produces a LM and NT response which is a hash of the challenge and the
> > user's password. This is sent to the server (in this case winbindd) for
> > authentication.
>
> But the server does not have the user's password, only the NT or LM hash
> of the user's password, so what I think you are saying is that the
> respose if formed by hashing the challenge with the user's password hash?
Yes.
Tim.
More information about the samba-technical
mailing list