search for: ntlmminserversec

...in my smb.conf (among other entries): security = server password server = NTDomainController client ntlmv2 auth = yes On both NTDomainController and W2k client, I have Imcompatibilitylevel set to 3 or 5 from the Registry Editor for LSA. On NTDomainController, it also has both NtlmMinClientSec and NtlmMinServerSec set to 0x00080000 (to permit only NTLMv2 session security). I just cannot map a drive from W2k client to the Samba server running Solaris 8. Thanks a lot in advance. Dan -----Original Message----- From: Andrew Bartlett [mailto:abartlet@samba.org] Sent: Saturday, October 25, 2003 11:29 PM To: Chu...

Hi folks, I have been asked to force NTLMv2 logins to avoid use of LM hashes. To meet the requirement I added some lines to the smb.conf in [Global] (we only have that section anyway - this is purely for domain authentication with an ldap backend): client lanman auth = no client NTLMv2 auth = yes lanman auth = no min protocol = LANMAN2 ntlm auth = no This seemed to work - users

...gistry, i also set HKLM\System\CurrentControlSet\Control\Lsa|lmcompatibilitylevel --> level 5 (accepts only NTLMv2). Similarly, i also set HKLM\System\CurrentControlSet\Control\Lsa\MSV1_0\NtlmMinClientSec --> 0x00080000(NTLMv2 Session security) HKLM\System\CurrentControlSet\Control\Lsa\MSV1_0\NtlmMinServerSec --> 0x00080000(NTLMv2 Session security) In my smb.conf, I added client NTLMv2 auth = yes lanman auth = no ntlm auth = no I have waited for about 5 minutes just to be sure that all setting may take effect. After 5 min, I join the domain thru "net rpc join -w domainname". I was able to...

...on\Parameters] "DNSNameResolutionRequired"=dword:00000000 "DomainCompatibilityMode"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "LmCompatibilityLevel"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0] "NtlmMinServerSec"=dword:00000000 "NtlmMinClientSec"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters] "LDAPServerIntegrity"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] "RestrictNTLMInDomain"=dword:...