RE: NTLM authentication

From: Chemolli Francesco (USI) <ChemolliF@dont-contact.us>
Date: Wed, 2 Aug 2000 08:40:20 +0200

> Chemolli Francesco (USI) wrote:
>
> > Yes, you are.
> > It first presents its workstation name and domain, and even
> > that not always.
> > Before you ask: yes, I have network traces showing such a behaviour.
>
> Are you sure the user is logged in to the domain when this happens?

Yes.

> > > which makes sense to me as I thought you need to know the
> > > user domain to
> > > be able to get the challenge from the correct domain controller...
> >
> > Correct. I am puzzled as to what happens when the client offers no
> > such information, maybe the proxy is supposed to ask a
> challenge to his
> > own DC, or his local authentication service.
>
> But.. his own DC or authentication service won't know the
> password hash,
> so how is the password validated then?

Trust relationships maybe.

I am still investigating the fact.
        /kinkie
Received on Wed Aug 02 2000 - 00:33:41 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:12:33 MST