Thanks for the info Andrew. I guess this brings up a couple of other questions. I hope you don't mind.
The current samba 2.X seems to use the "unicode" password and checks to see if it is a NT,LM, or cleartext solution. Is this the case? If so, what is the purpose of the "ansi" 24 char password? Now that ntlm v2 is here, does this mean we will have a database with 3 different sets of credentials? On Thu, 31 Oct 2002, Andrew Bartlett wrote: > Steve Holstead wrote: > > > > I am running samba 2.2.4 on AIX 4.3.3. > > > > I am having a little problem with encrypted password support. Most of > > my client machines will connect okay. However, I have a couple of > > machines (win2000) that fail at logon time. I ran a tcpdump and had a look > > at what was happening.... > > > > Negotiate protocol response says we'll talk at > lanman2.1 > > > > Tree Connect AndX Request says here is my: > > ANSI password of length 24 > > and > > Unicode password of length 106 > > > > Tree Connect AndX Response says "invalid password" > > > > All my successful clients have a ANSI and Unicode passwd len of 24. Does anyone >know what would cause a win2000 client to send me a password of > > 106? > > That's NTLMv2, which Samba 2.2 does not support. It is configured > either by system policy, or the LMcomatiblityLevel Registry setting. > (MS has some docs on it in the KB). > > Samba 3.0 has support for this, but I need to double-check our NTLMSSP > implementation (some things changed there that I may have broken it). > > Andrew Bartlett > > -- > Andrew Bartlett [EMAIL PROTECTED] > Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] > Student Network Administrator, Hawker College [EMAIL PROTECTED] > http://samba.org http://build.samba.org http://hawkerc.net >