Bug 6274 - Incorrect README
Incorrect README
Status: RESOLVED FIXED
Product: mod_auth_ntlm_winbind
Classification: Unclassified
Component: module
0.1
All All
: P3 normal
: ---
Assigned To: Samba Bugzilla Account
Gerald (Jerry) Carter
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2009-04-18 13:20 UTC by LarsE
Modified: 2014-04-21 15:42 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description LarsE 2009-04-18 13:20:03 UTC
The README says:

[...]
the NTLM over HTTP protocol is completed undocumented by Microsoft but has been reverse engineered and described at the following URL:

 http://davenport.sf.net/ntlm.html
[...]

Since 2007 this is incorrect. Microsoft have documented all NTLM related stuff.
All Windows Communicatations Protocols are documented here:

http://msdn.microsoft.com/en-us/library/cc216513(PROT.10).aspx

You can download a full zip will all PDFs for all Windows Communication Protocols (about 220 Mb download). You can also download the PDFs individually.

More specifically the specifications relating to NTLM are:

MS-NLMP:  Main document describing NTLM v1, NTLM v2. etc.
http://msdn.microsoft.com/en-us/library/cc236621(PROT.10).aspx

MS-NTHT: NTLM over HTTP protocol
http://msdn.microsoft.com/en-us/library/cc237488(PROT.10).aspx

MS-NNTP: Specifies the use of NTLM authentication by NNTP (Network News Transfer Protocol)
http://msdn.microsoft.com/en-us/library/cc236774(PROT.10).aspx

MS-POP3: NTML for use with POP3
http://msdn.microsoft.com/en-us/library/cc239183(PROT.10).aspx

MS-SMTP: NTML for use with SMTP
http://msdn.microsoft.com/en-us/library/cc246807(PROT.10).aspx


The above - and nothing else - should be considered the official documentation for NTLM, imho.
Comment 1 Matthias Dieter Wallnöfer 2010-06-02 11:21:22 UTC
Reassigning this bug to the default assignee since Jerry is no longer directly involved in Samba development.
Comment 2 Lars Müller 2014-04-21 15:39:07 UTC
Authentication via NTLM is no longer the main protocol today.

Instead we encourage people ti use Apache mod_auth_kerb

Please reopen if you think this should be documented better.  In that case please add your patch or better a git pull request.