Re: Can't get advanced digest authentication working

From Microsoft Windows XP/2003 Security Target paper, 2005:

'However, in Windows Server 2003 TOE, the AD extended schema properties
ensures that every newly created user account automatically has the Digest
authentication password hashed and stored as a field in the "AltSecId"
property of the user object.'

Also altsecid and atsecurityidentities appear to be identical?

Our problem is that when a new domain account is created
altsecurityidentities is not populated for that user.



"David" <idstechnet@xxxxxxxxxxxxxxx> wrote in message
Hi there - yes it is a member server.
As per your Q article a user should have the password hash stored in
AltSecID . I assume this is the same as altsecurityidentities as shown in
adsiedit (we don't have altsecid listed). How do we troubleshoot this -
or is this an AD group question?

""WenJun Zhang[msft]"" <wjzhang@xxxxxxxxxxxxxxxxxxxx> wrote in message
Hi David,

First of all, is the server a member of Windows 2003 domain? Currently
Windows 2003 domain supports Advanced Digest authentication because only
Windows 2003 domain controller stores the digest hash. Please refer to:

824032 Digest authentication and Advanced Digest authentication in
Server 2003;EN-US;824032



WenJun Zhang

Microsoft Online Community Support


Get notification to my posts through email? Please refer to:

Note: The MSDN Managed Newsgroup support offering is for non-urgent
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at:


This posting is provided "AS IS" with no warranties, and confers no