From: Aaron Turner on
I know NTLMv1 isn't secure and NTLMv2 is better. But I need to test a
client's NTMLv1 compatibility when the server does not support NTLMv2
and to do that I need samba (current version 3.0.33 via CentOS 4) to
not try to negotiate NTMLv2. All the searches I've done tell me how
to enable NTLMv2, but specifying:

[global]
encrypt passwords = yes
ntlm auth = yes
lanman auth = no

Does not cause Samba to mark the Negotiate NTLMv2 Key bit as disabled
in the NTLMSSP Flags message sent by the server.

Ideally this would be done inside of GSS/SPENGO (which is what is
currently happening), but I'm willing to use raw NTLMSSP if that is
necessary. I'm also willing to use a different version of Samba if
necessary.

Thanks!

--
Aaron Turner
http://synfin.net/
http://tcpreplay.synfin.net/ - Pcap editing and replay tools for Unix & Windows
Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety.
-- Benjamin Franklin
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba