summaryrefslogtreecommitdiff
path: root/source3/param
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2003-09-06 19:23:24 +0000
committerGerald Carter <jerry@samba.org>2003-09-06 19:23:24 +0000
commitc913fc058113b3a3a193f7b98459679945afcf03 (patch)
treeef134e0d629f2aa8f31953212fd58a4538b22a3c /source3/param
parentd5bef211d0cee0f0c7fab5c890694cabd408e6e3 (diff)
downloadsamba-c913fc058113b3a3a193f7b98459679945afcf03.tar.gz
samba-c913fc058113b3a3a193f7b98459679945afcf03.tar.bz2
samba-c913fc058113b3a3a193f7b98459679945afcf03.zip
address bug #359. Andrew B's patch for implementing client
portion of NTLMv2 key exchange. Also revert the default for 'client ntlmv2 auth' to no. This caused no ends of grief in different cases. And based on abartlet's mail.... > All I care about at this point is that we use NTLMv2 > in our client code when connecting to a server that > supports it. There is *no* way to tell this. The server can't tell us, because it doesn't know what it's DC supports. The DC can't tell us, because it doesn't know what the trusted DC supports. One DC might be Win2k, and the PDC could be an older NT4. (This used to be commit fe585d49cc3df0d71314ff43d3271d276d7d4503)
Diffstat (limited to 'source3/param')
-rw-r--r--source3/param/loadparm.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index c801c4c522..41b32cef10 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -1427,7 +1427,8 @@ static void init_globals(void)
Globals.bClientPlaintextAuth = True; /* Do use a plaintext password if is requested by the server */
Globals.bLanmanAuth = True; /* Do use the LanMan hash if it is available */
Globals.bNTLMAuth = True; /* Do use NTLMv1 if it is available (otherwise NTLMv2) */
- Globals.bClientNTLMv2Auth = True; /* Client should use NTLMv2 if available. */
+ Globals.bClientNTLMv2Auth = False; /* Client should not use NTLMv2, as we can't tell that the server supports it. */
+ /* Note, that we will use NTLM2 session security (which is different), if it is available */
Globals.map_to_guest = 0; /* By Default, "Never" */
Globals.min_passwd_length = MINPASSWDLENGTH; /* By Default, 5. */