RE: Possible bug using NTLMv2 across trusted domains.

[Paulo Meireles <pa...@tcsi.pt>]

Hi,

1 - You must be aware, by now, that your machine is infected. Please
install and run a recented/updated antivirus. The fact that your question
contained a virus is a good reason why nobody answered it.

2 - This list is for mod_perl questions; asking about a particular
module is OT (Off-Topic) and that's another reason why nobody answered.

3 - Even if it was on topic, you're testing with *very* old service packs.
If you, absolutely, must use an old service pack, then please tell us why;
The question is, maybe it's not a bug on the NTLM2 module - but a bug on
Windows NT itself, eventualy corrected in SP6a. This is the final reason
why your question will remain... unanswered.

So, please install both SP6a and the post-sp6a "security rollup package"
on the Windows NT machines, and then contact the module author (or whatever
procedures for bug reporting are in the module documentation).

Regards,

Paulo Meireles

-----Mensagem original-----
De: Kevin [mailto:ktneely@magnet.at]
Enviada: segunda-feira, 7 de Julho de 2003 17:38
Para: undisclosed-recipients:
Assunto: Possible bug using NTLMv2 across trusted domains.


I believe I have found a problem with NTLMv2 authentication across trusted
domains.

the setup:
DomainA (PDC-A and BDC-A both SP4)
DomainB (PDC-B and BDC-B both SP4)
Two-way trust exists between DomainA and DomainB
client machine (Client1) tested with both SP4 & SP5 resides in DomainA

When I add the value LMCompatibilityLevel in
HKEY_LOCAL_MACHINE\System\CurrentControlSet\control\LSA
and set it at 3 (send NTLMv2 response only) everyth@