Bug 13045 - Authentication fails on Windows 10 with "Send LM & NTLM - use NTLMv2 session security if negotiated"
Authentication fails on Windows 10 with "Send LM & NTLM - use NTLMv2 session ...
Status: NEW
Product: Samba 4.1 and newer
Classification: Unclassified
Component: File services
4.7.0rc6
All All
: P5 normal
: ---
Assigned To: Samba QA Contact
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-09-20 23:16 UTC by Justin Maggard
Modified: 2017-09-20 23:17 UTC (History)
0 users

See Also:


Attachments
Wireshark capture of login attempt (4.15 KB, application/vnd.tcpdump.pcap)
2017-09-20 23:16 UTC, Justin Maggard
no flags Details
Debug level 10 log (12.77 KB, application/x-xz)
2017-09-20 23:17 UTC, Justin Maggard
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Justin Maggard 2017-09-20 23:16:59 UTC
Created attachment 13617 [details]
Wireshark capture of login attempt

With the current Samba default "ntlm auth" setting of ntlmv2-only, authentication fails from Windows 10 clients if they have "Network security: LAN Manager authentication level" set to "Send LM & NTLM - use NTLMv2 session security if negotiated.

I am able to authenticate if I change "ntlm auth" to ntlmv1-permitted, or if I change the Windows "Network security: LAN Manager authentication level" policy to "Send NTLMv2 response only".
Comment 1 Justin Maggard 2017-09-20 23:17:58 UTC
Created attachment 13618 [details]
Debug level 10 log