Re: No LM Hash - no really
From: Miha Pihler (mihap-news_at_atlantis.si)
Date: 08/22/04
- Next message: Ian Boyd: "Re: No LM Hash - no really"
- Previous message: Ian Boyd: "Re: No LM Hash - no really"
- In reply to: Ian Boyd: "Re: No LM Hash - no really"
- Next in thread: Ian Boyd: "Re: No LM Hash - no really"
- Reply: Ian Boyd: "Re: No LM Hash - no really"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 22 Aug 2004 16:50:49 +0200
Ian,
I tried this in my lab and for me it works without any problems.
I did the changes that are described in the KB 299656 on my DC. I tried
using regedit and GP editor. After I switched from LM to NTLM and reset the
password it created NTLM Hash. If I removed the registry key or GP setting
and I reset the password I got LM "Hash"
I did have to restart server (domain controller) between changes for new
settings to kick in...
Mike
"Ian Boyd" <admin@SWIFTPA.NET> wrote in message
news:ez2mSCFiEHA.1656@TK2MSFTNGP09.phx.gbl...
> > Can you check the steps in this article. I will this in my lab now.
> >
> > How to prevent Windows from storing a LAN manager hash of your password
in
> > Active Directory and local SAM databases
> > http://support.microsoft.com/default.aspx?scid=kb;en-us;299656&sd=tech
>
> i know that article very well - i've been cursing it for 7 hours.
>
> i've done all but step #3 (make a password longer than 15 characters)
>
> Since i am not going to force users to do that - just to get around a bug
in
> a security hole fix.
>
>
- Next message: Ian Boyd: "Re: No LM Hash - no really"
- Previous message: Ian Boyd: "Re: No LM Hash - no really"
- In reply to: Ian Boyd: "Re: No LM Hash - no really"
- Next in thread: Ian Boyd: "Re: No LM Hash - no really"
- Reply: Ian Boyd: "Re: No LM Hash - no really"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
