search for: ntlmminclientsec

Hi folks, I have been asked to force NTLMv2 logins to avoid use of LM hashes. To meet the requirement I added some lines to the smb.conf in [Global] (we only have that section anyway - this is purely for domain authentication with an ldap backend): client lanman auth = no client NTLMv2 auth = yes lanman auth = no min protocol = LANMAN2 ntlm auth = no This seemed to work - users

...ncluded below entries in my smb.conf (among other entries): security = server password server = NTDomainController client ntlmv2 auth = yes On both NTDomainController and W2k client, I have Imcompatibilitylevel set to 3 or 5 from the Registry Editor for LSA. On NTDomainController, it also has both NtlmMinClientSec and NtlmMinServerSec set to 0x00080000 (to permit only NTLMv2 session security). I just cannot map a drive from W2k client to the Samba server running Solaris 8. Thanks a lot in advance. Dan -----Original Message----- From: Andrew Bartlett [mailto:abartlet@samba.org] Sent: Saturday, October 25,...

...is incorrect". The Win95 client authenicates against a 2000 server. The pertinent regisrty settings look like: [HKEY_LOCAL_MACHINE\System\CurrentControlSet\control\LSA] "LMCompatibility"=dword:00000003 [HKEY_LOCAL_MACHINE\System\CurrentControlSet\control\LSA\MSV1_0] "NtlmMinClientSec"=dword:00080000 I've verified the Secur32.dll on the Win95 is the 128-bit version, and that Winsock 2.0 update and DUN 1.3 are installed. If I use "security = domain" and use "password server = *" the users authenicate fine, but I'd rather have this machine be pr...

...I have set the LAN Manager authentication level to Send NTLMv2 response only\refuse LM & NTLM. In the registry, i also set HKLM\System\CurrentControlSet\Control\Lsa|lmcompatibilitylevel --> level 5 (accepts only NTLMv2). Similarly, i also set HKLM\System\CurrentControlSet\Control\Lsa\MSV1_0\NtlmMinClientSec --> 0x00080000(NTLMv2 Session security) HKLM\System\CurrentControlSet\Control\Lsa\MSV1_0\NtlmMinServerSec --> 0x00080000(NTLMv2 Session security) In my smb.conf, I added client NTLMv2 auth = yes lanman auth = no ntlm auth = no I have waited for about 5 minutes just to be sure that all settin...

...ired"=dword:00000000 "DomainCompatibilityMode"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "LmCompatibilityLevel"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0] "NtlmMinServerSec"=dword:00000000 "NtlmMinClientSec"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters] "LDAPServerIntegrity"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] "RestrictNTLMInDomain"=dword:00000000 "RequireSignOrSeal"=dword...