Laker Netman <[EMAIL PROTECTED]> wrote: > NTLM is sufficient to gain access to resources on > Windows domain, "machine account" or no, in ANY > windows domain flavor.
Yes, but the issue is the protocol that encapsulates NTLM. There are multiple versions of Windows "connect to DC" protocols. Some require massive amounts of code to obtain a working implementation. Others (e.g. rlm_smb) do not. > My home PCs are not "work" domain members. In fact, I > run my own "home" domain. So these home systems > actually have different native security (machine > account) credentials than my work PC. And until you look at the packet traces, you have no idea which version of what protocols they're using. Odds are they're using the Win2K or XP-style "infinite number of packets" method to log into the DC. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
