LISTSERV - HP3000-L Archives

HP3000-L Archives

May 1997, Week 5

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L May 1997, Week 5

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	FW: Samba/iX and NT 4.0 SP3
From:	Michael L Gueterman <[log in to unmask]>
Reply To:	Michael L Gueterman <[log in to unmask]>
Date:	Fri, 30 May 1997 12:57:35 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (67 lines)

I'm forwarding this to the list with Joe's permission...

Regards,
Michael
--

----------
From:  Joe Geiser[SMTP:[log in to unmask]]
Sent:  Thursday, May 29, 1997 6:45 PM
To:  Michael L Gueterman
Subject:  Re: Samba/iX and NT 4.0 SP3

----------
> From: Michael L Gueterman <[log in to unmask]>
> To: [log in to unmask]
> Subject: Samba/iX and NT 4.0 SP3
> Date: Thursday, May 29, 1997 6:54 PM
>
> At this point, I'm not sure what all of the ramifications are for doing
> this outside of the obvious (your password can be clearly seen by
> anyone with a packet sniffer who happens to pick your login up).
> You can always delete this value and reboot again if something else
> breaks.  If anyone does find some other reason NOT to enable this,
> please let me know.
>

According to my docs on this SP (and from early exposure to it), if this
registry key is changed, the encryption method for challenge/response is
reverted back to what it was.

NT Servers never transmit the password, however - and neither do the
clients, whether encrypted or otherwise.  NT will, when a logon attempt is
made by a client, challenge the client with an encrypted passcode - not
the physical password itself, but an encoded passcode.  The client must
interpret this passcode successfully and pass it back as another encoded
passcode.  The first passcode is based on the password itself, as is the
second, which is entered by the user.

SP3 modifies the encryption method, but Windows clients and servers are
able to recognize it.  The necessary code was not ported to Samba/iX -
it's too new.  Setting the encryption method back to it was solves the
Samba/iX issue, and there should be no immediate ramifications,
however...and this should go to the Samba Listserv - this new encryption
method should be put into Samba as soon as possible, as it has to do with
the new "Shell" everyone keeps hearing about for the next retail release
of Windows 95 and Internet Explorer 4.0 - NT gets it first, then Win 95.

Backward compatibility for Win/Workgroups should be maintained - at least
for the time being.  My feeling on the subject is that it's just another
nail in the 16-bit Windows coffin - and to get folks to move over to 95
and NT.

Hope this helps with the explanations you might be wanting...or at least,
an education if you didn't know how NT authenticates.

Best,
Joe
---------------------------------------------------------------------------
-
Joe Geiser - CSI Business Solutions, LLC
140 Bristol-Oxford Valley Road, Suite 102
Langhorne, PA  19047-3083, USA
Phone: (215) 945-8100     Fax: (215) 943-8408
[log in to unmask]            http://www.csillc.com
---------------------------------------------------------------------------
-

ATOM RSS1 RSS2

RAVEN.UTC.EDU