Re: LM password hashes - still being used?
From: Hairy One Kenobi (abuse_at_[127.0.0.1)
Date: Mon, 05 Jul 2004 13:30:33 GMT
"Craig Williams" <firstname.lastname@example.org> wrote in message
> I would like to disable LM password hash creation/storage in our Windows
> 2003 domain.
> The challenge is that we have a fairly large domain, and while standards
> that all desktops should be at least NT4, I am not completely sure that
> *ALL* 9x clients are gone. Is there a way to tell if clients that are
> authenticated by using the LM password hash before I disable LM hash
> creation. Maybe a particular event for their auth in the security log, or
> some other tool like the netlogon debug log?
In addition to Joe's comments - one other thing to consider is whether Win9x
laptops ever connect to the network.
If it's a fairly large domain - as you say - and *if* you have mobile users,
then you might have to monitor the connection types for longer than you
-- Hairy One Kenobi Disclaimer: the opinions expressed in this opinion do not necessarily reflect the opinions of the highly-opinionated person expressing the opinion in the first place. So there!