See RFE filed against pidgin-sipe to use automatic NTLM authentication: https://sourceforge.net/p/sipe/feature-requests/64/ And in particular the following reply: After studying soup-auth-ntlm.c I have come to conclusion that the ntlm_auth approach only works for HTTP connections, because all you need there are the raw NTLM challenge/response messages. But M$ has extended the SIP protocol with a mandatory Message Integrity Code (see [MS-SIP] , section 3.1.4.2 for details). You can only generate and verify MIC's if you have the Exported Session Key, which is generated during the NTLM authentication message (see src/core/sip-sec- ntlm.c:sip_sec_ntlm_gen_authenticate(), e.g. client_sign_key). As far as I can tell Samba does not offer a GSSAPI to winbind, which would be required for SIPE to be able to use the cached credentials. I'm largely ignorant of the details and playing man-in-the-middle here... please could we make this work?
I think this is actually possible since commit fe348fdb2 enabled us to get the session key. Not that it works with cached credentials, qv.