Displaying 20 results from an estimated 1000 matches similar to: "NTLMv1 v. NTLMv2 ; more than one "identity" on a TCP connection"
2003 Jan 03
1
Error in SNIA spec wrt. SessionSetupAndX response when dialect is NT LM 0.12
Good evening,
On the bottom of page 53, section 4.1.2.2 in the SNIA spec
(http://www.snia.org/tech_activities/CIFS/CIFS-TR-1p00_FINAL.pdf), it
states if the dialect is NT LM 0.12 and extended security is off (I.e.,
use "traditional" NTLMv2/NTLMv2 authentication w/o SecurityBlobs), the
SessionSetupAndX response is as shown in section 4.1.2.2 with a word
count = 4. However, what I have
2007 Dec 11
1
ntlm_auth only supports ntlmv1 and not ntlmv2 ?
Hello,
i set up a squid proxy that should authenticate users against a samba PDC using winbind.
It works fine as long i allow ntlmv1:
on the PDC:
ntlm auth = yes
lanman auth = no
client ntlmv2 auth = yes
If i restrict the domains authentication method to ntlmv2 - that's what i want - with these settings:
ntlm auth = no
lanman auth = no
client
2020 Jun 04
1
Unable to map AD Users to existing local Unix users since 4.8.x
Rowland said:
>> Is there a set of settings to restore the mapping of AD users to pre-existing Unix Users?
>No
>>
>> Does the official Samba distributed project source continue to support AD Users mapping to pre-existing Unix Users?
>I do not think it ever did.
I found this reference quickly from google describing the previous behavior.
Winbind was always optional
2006 Feb 21
1
Effect of disabling LM/NTLMv1 auth on an AD?
Folks,
Our campus AD team has decided that they ...
>Need to disable LM/NTLMv1 authentication support to provide greater
>security and be consistent with the CITES authentication roadmap.
Noble thoughts, but there hasn't been much thought of the
ramifications for other, interoperable systems like Samba.
I can see that modern Samba versions support NTLMv1 and NTLMv2
methods.
2009 Oct 07
0
How to force NTLMv1 on server side?
I know NTLMv1 isn't secure and NTLMv2 is better. But I need to test a
client's NTMLv1 compatibility when the server does not support NTLMv2
and to do that I need samba (current version 3.0.33 via CentOS 4) to
not try to negotiate NTMLv2. All the searches I've done tell me how
to enable NTLMv2, but specifying:
[global]
encrypt passwords = yes
ntlm auth = yes
2012 Feb 26
3
allow trusted domains
There is a samba compiled without winbind support, with the following
options configured:
workgroup = MYDOMAIN
security = domain
allow trusted domains = yes
add user script = /usr/sbin/pw useradd %u -m -Y -M 755
When a Windows user MYDOMAIN\john connects to the samba server, he is
mapped to the Unix user john. If there is no Unix user "john", it is
created by the add user script.
How
2011 Aug 22
0
mount.cifs with "sec=ntlmv2" fails ("mount error(22): Invalid argument")
Hello, everyone,
I'm trying to mount a CIFS share served by Samba using mount.cifs with NTLMv2
authentication.
According to 'man mount.cifs' the option "sec=ntlmv2" should be supported, but it
keeps giving me "mount error(22): Invalid argument".
The Samba server enforces the use of NTLMv2. When allowing for NTLMv1 on both sides
everything works just fine.
The
2004 Mar 02
1
Samba 3 and NTLMv2 support
Hi:
I have Samba 3.0.2a running on Fedora Core 1. This server is set to be
Domain PDC and I am looking to have clients attach to it NTLMv2 only.
After looking over the man page for smb.conf, I have set the two options
that I thought would accomplish:
[Global]
lanman auth = no
ntlm auth = no
On the workstation side, I have set
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\lmcompatibilitylevel
2007 Jan 30
1
Vista, NTLMV2, security = domain
Hi folks,
I've been testing out Windows Vista Enterprise today. It defaults to only using NTLMV2 authentication.
I'm testing with Samba 3.0.23d running on Sparc/Solaris 8. Samba is configured with
security = domain
The password server is a Windows Server 2003 domain controller. I've joined Samba to the domain.
I simply can't get Vista to connect unless I change its security
2009 Dec 28
1
NTLMv2 in Sun's 'official' Samba 3.0.37?
Hi all.
Just looking for some guidance as to what works, and what doesn't.
Recently I've noticed that no matter what I do, I can't seem to get NTLMv2 to negotiate using Windows Vista, Windows 7 or Mac OS X 10.6.x against Solaris 10 Samba 3.0.37.
If I 'tune' the client OS that it only negotiates with NTLMv1, all is well. In my global block, on the Solaris Samba server, I
2004 Apr 08
0
Error building Samba 3.0.2a
While building Samba 3 for SuSE linux 9.0 I have a problem with the AFS
component (it builds fine if I omit the --with-afs and --with-fake-kaserver
options).
During configure I did get a warning:
checking whether to use AFS clear-text auth... yes
checking whether to use AFS fake-kaserver... yes
checking for /usr/include/afs... yes
checking afs.h usability... no
checking afs.h presence... no
2007 Apr 26
1
ntlm_auth to AD with only ntlmv2 enabled failing
Hello,
We have samba 3.0.23 installed. We are using free radius to take
authentication requests from a nortel vpn server and using ntlm_auth
trying to authenticate users against AD.
This setup works fine when on the AD side ntlmv1 and ntlmv2 are enabled.
(IE. Users can authenticate).
However, when only ntlmv2 is enabled users are unable to authenticate.
I have searched various places and while
2013 Feb 06
1
NTLMv2 with win2003 AD question
Hi
Thanks in advance.
I know my question below is not really related with samba but I'm really confused, and you guys are expert on windows authentication,
I really hope you have patience to read this and I'll appreciate any of your help.
I learned a lot from this post http://lists.samba.org/archive/jcifs/2008-October/008227.html.
I know that a "man in the middle" technique,
2019 Apr 23
3
User mapping/login issue
On 21/04/19 17:12, Rowland Penny wrote:
> On Sun, 21 Apr 2019 08:59:01 +0930
> Stephen Davies via samba <samba at lists.samba.org> wrote:
>
>> I have been a bit divorced from Samba for a while and am stumped by a
>> recently seen issue.
>>
>> My Samba server (V4.8.3) is Centos 7 and the remote clients are
>> windoze boxes at the other end of a VPN
2007 Jan 30
1
smbtorture NEGNOWAIT makes 3.023d dump core
smbtorture NEGNOWAIT causes a core dump with a message "Abnormal server
exit: multiple negprot's are not permitted".
Is that truely by design??
I am running Samba 3.0.23d as AD member server and have smbtorture
running on the same machine.
Kind regards,
Jens
Appended: The final second of the smbd...
[2007/01/30 16:48:38, 3] smbd/oplock_linux.c:linux_init_kernel_oplocks(260)
2014 Mar 17
1
samba4 - force ssl/tls for incoming ldap queries
hi there,
is there a way to have sambas internal ldap server reject plaintext
connections? something similar to the ssf-settings in openldap's acls?
i was already thinking about instructing iptables to drop all
connections to port 389 - but that would effectively rule out starttls
and force the clients to use ldaps, which has been deprectated a long
time ago.
thank you & with kind
2019 Apr 24
4
User mapping/login issue
Hai,
Im wondering here.. If the client is a windows 10 pc connecting,
> ../source3/smbd/negprot.c:419(reply_nt1) using SPNEGO
> ../source3/smbd/negprot.c:761(reply_negprot) Selected protocol NT LM 0.12
> ../source3/smbd/process.c:554(receive_smb_talloc)
> receive_smb_raw_talloc failed for client
> ipv4:10.55.66.82:59271 read error = NT_STATUS_CONNECTION_RESET.
And i
2007 Mar 07
1
NTLMv2 configuration problems
I'm running Centos 4.3 and Samba 3.0.24. I have an OpenLDAP backend. I have
successfully got a Windows Domain to work, Windows XP -> Samba -> OpenLDAP.
I can add machines to the domain and I can login and change passwords. The
trouble is that I'm using NTLM and have been told that I must upgrade to
NTLMv2, but I'm having great difficulty doing so.
I have existing NTLM users. I
2020 Jun 16
2
Wrong password, Win10 not using SMB3_11?
I have Samba AD-domain with two fileservers and two Samba DS-servers. Most
people can authenticate OK, but one user always gets "wrong password".
I tried changing this user's password, and was able to connect by using
smbclient, and I was also able to map this drive using the user's username
and password on my own windows 10 workstation.
Also;
# wbinfo -a username
Enter
2004 Apr 20
1
Samba 3.0.2a - Erroneously rejects NTLMv2 but accepts NTLM
Hello experts,
I?ll try and keep this brief but detailed (if that?s possible.). I?m sure I
don?t understand the technologies sufficiently but I believe I?m seeing
counter-intuitive behavior with my Samba 3 setup. What I want is nice,
tight Win 2K3 security. What I?ve got is ADS integration, including domain
user authentication using winbind, but I can?t get the security level right.
Problem