You are viewing a plain text version of this content. The canonical link for it is here.

Posted to httpclient-users@hc.apache.org by Shailesh Joshi <sh...@persistent.co.in> on 2008/02/28 11:27:06 UTC

[Help] NTLM Auth fails after disabling LM hashes of passwords

Hi.

We are using HttpClient for NTLM Authentication.

We are facing issues when we - disable the storage of LM hashes of user's
passwords. (http://support.microsoft.com/kb/299656)

 

Following steps are followed in Windows Server 2003. 

 

Control Panel -> Administrative Tools -> Domain Security Policy -> Local
Policies -> Security Options -> Network security: Do not store LAN Manager
Hash value on next password change. - Click Enabled and then click OK.

 

After setting this property, we are facing problems in NTLM authentication.

Has anyone faced similar issue? Is there any dependency of HttpClient with
LM Hashes?

 

Thanks and Regards,

Shailesh

 

 


DISCLAIMER
==========
This e-mail may contain privileged and confidential information which is the property of Persistent Systems Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Ltd. does not accept any liability for virus infected mails.

Re: [Help] NTLM Auth fails after disabling LM hashes of passwords

Posted by Oleg Kalnichevski <ol...@apache.org>.

On Thu, 2008-02-28 at 15:57 +0530, Shailesh Joshi wrote: 
> Hi.
> 
> We are using HttpClient for NTLM Authentication.
> 
> We are facing issues when we - disable the storage of LM hashes of user's
> passwords. (http://support.microsoft.com/kb/299656)
> 
>  
> 
> Following steps are followed in Windows Server 2003. 
> 
>  
> 
> Control Panel -> Administrative Tools -> Domain Security Policy -> Local
> Policies -> Security Options -> Network security: Do not store LAN Manager
> Hash value on next password change. - Click Enabled and then click OK.
> 
>  
> 
> After setting this property, we are facing problems in NTLM authentication.
> 
> Has anyone faced similar issue? Is there any dependency of HttpClient with
> LM Hashes?
> 

I believe this effectively disables NTLMv1 support, the only version of
NTLM protocol HttpClient 3.x can interoperate with. For details see

http://wiki.apache.org/HttpComponents/FrequentlyAskedNTLMQuestions

Oleg


> 
> 
> Thanks and Regards,
> 
> Shailesh
> 
>  
> 
> 
> 
> 
> DISCLAIMER
> ==========
> This e-mail may contain privileged and confidential information which is the property of Persistent Systems Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Ltd. does not accept any liability for virus infected mails.


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org