Thank you sir! I will begin my investigation this morning! Regards, Bill Wesse MCSE / Escalation Engineer, US-CSS DSC PROTOCOL TEAM 8055 Microsoft Way Charlotte, NC 28273 TEL: 980-776-8200 CELL: 704-661-5438 FAX: 704-665-9606 We're Hiring http://members.microsoft.com/careers/search/details.aspx?JobID=A976CE32-B0B9-41E3-AF57-05A82B88383E&start=1&interval=10&SortCol=DatePosted
-----Original Message----- From: Adam Simpkins [mailto:[EMAIL PROTECTED] Sent: Monday, August 04, 2008 4:49 PM To: Bill Wesse Cc: '[EMAIL PROTECTED]' Subject: Re: Status: raw NTLMSSP tokens in GSS-API/SPNEGO? SRX080803600053 On Mon, Aug 04, 2008 at 04:17:29AM -0700, Bill Wesse wrote: > Good morning once again. You noted in your question that you can > provide a network trace of the NTLM behavior you reported. I would > deeply appreciate it if you would send one to me. Could you also note > the OS versions of the client and server (just in case, even though > the NtlmsspAuthenticaeMessage may contain a Version structure. Please find a trace attached. This was taken between a client running Windows XP SP3 and a server running Windows Server 2003 SP2 (Enterprise Edition). Frame 6 contains the initial SESSION_SETUP_ANDX request. This contains a GSS-API InitialContextToken that uses SPNEGO. The mechToken inside the SPNEGO NegTokenInit contains just raw NTLMSSP data. According to RFC 4178 section 3.2 item (c), this should be a GSS InitialContextToken. I have also included a trace of the same client and server, but using Kerberos over SPNEGO. In this trace, the mechToken is a GSS InitialContextToken. -- Adam Simpkins [EMAIL PROTECTED] _______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
