From: Malcolm Jack <[EMAIL PROTECTED]>On win2k its not the default.
Hi Chris, Thanks for the response.
Can you point me in the direction of where to make such a change? >Also, I thought that windows 2000 used NTLMv2, and the w2K box seems >to work ok. any ideas?
If you use AD then its in your domain group policy, otherwise goto start:programs:admin tools:local security policy:local policies:security options:Lan Manager Authentication level
I recommend setting to "Send NTLMv2 response only, refuse LM" which is one setting below the highest and will allow NTLM authentication.
Also if you haven't looked at this before you should google for the registry tweak to make sure LM hashes aren't stored for backwards compatibility. LC4 can break a weak password LM hash in under a second.
Chris Berry
[EMAIL PROTECTED]
Systems Administrator
JM Associates
"I have found the way, and the way is Perl."
_________________________________________________________________
Chat with friends online, try MSN Messenger: http://messenger.msn.com
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
