Re: dsclient - ntlm v2

From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 07/29/05 

Date: Fri, 29 Jul 2005 07:09:01 -0700

To what are you trying to connect with the downlevel machine ?
To an member in AD? What is its Windows version?
To a strand-alone? Are you sure the problem is with authentication
rather than with communications signing requirements ?
Does anything show in the event log of the target machine ?
What is the behavior as seen at the downlevel client machine ? 

-- 
Roger Abell
Microsoft MVP (Windows  Security)
MCSE (W2k3,W2k,Nt4)  MCDBA
"Leonardo Bispo" <LeonardoBispo@discussions.microsoft.com> wrote in message
news:7CC28917-4ABC-4D4F-9191-EF1EF80A811B@microsoft.com...
> I need to know how make win 9x work with ntlm v2.
> Iīve installed dsclient, changed the registry like described in some
> websites, but isnīt work.
> It donīt autenticate. The only way to this work is changing the registry
to
> level 0, but with this the ntlm v2 donīt work.
>
> > Locate and click the following key in the registry:
> > HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control
> >
> > Create an LSA registry key in the registry key listed above
> >
> > On the Edit menu, click Add Value, and then add the following registry
> > value:
> > Value Name: LMCompatibilityLevel
> > Data Type: REG_DWORD
> > Value: 3
> > Valid Range: 0,3
> > Description: This parameter specifies the mode of authentication and
> > session
> > security to be used for network logons. It does not affect interactive
> > logons.
> > . Level 0 - Send LM and NTLM response; never use NTLM 2 session
security.
> > Clients will use LM and NTLM authentication, and never use NTLM 2
session
> > security; domain controllers accept LM, NTLM, and NTLM 2 authentication.
> > . Level 3 - Send NTLM 2 response only. Clients will use NTLM 2
> > authentication and use NTLM 2 session security if the server supports
it;
> > domain controllers accept LM, NTLM, and NTLM 2 authentication.
> >
> Thanks,
> Leonardo

Relevant Pages
Quantcast