Questions tagged [ntlm]

NTLM (NT LAN Manager) is a suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users.

NTLM has been deprecated for many uses as it doesn't support the latest standards:

Implementers should be aware that NTLM does not support any recent cryptographic methods, such as AES or SHA-256. It uses cyclic redundancy check (CRC) or message digest algorithms (RFC1321) for integrity, and it uses RC4 for encryption. Deriving a key from a password is as specified in RFC1320 and FIPS46-2. Therefore, applications are generally advised not to use NTLM - MSDN and to use Kerberos instead.

Despite this NTLM is still used inside enterprise networks where Microsoft Active Directory provides the enterprise directory service for Integrated Windows Authentication when Kerberos is not available.

NTLM over HTTP handshake is fairly simple:

Request  - [unauthenticated - no user info passed]

Response - 401 Unauthorized
           WWW-Authenticate: NTLM


Request  - Authorization: NTLM <base64-encoded type-1-message>

Response - 401 Unauthorized
           WWW-Authenticate: NTLM <base64-encoded type-2-message>


Request  - Authorization: NTLM <base64-encoded type-3-message>

           Server can now check username/password against LDAP from type-3 message
Response - 200 Ok [now authenticated & authorised]

1230 questions

votes

4 answers

What TargetName to use when calling InitializeSecurityContext (Negotiate)?

The Question When calling InitializeSecurityContext, what value do i pass to the TargetName parameter? Revised Background I'm calling the function InitializeSecurityContext: InitializeSecurityContextA( @pAS.hcred, //[in] credentials …

asked Mar 20 '12 at 14:01

Ian Boyd

246,734
253
869
1,219

votes

5 answers

Configuring Git on Windows to use NTLM proxy authentication

I'm trying to access a repository on Github from a Windows machine that is behind a proxy that requires NTLM authentication. Neither SSH nor the git:// protocol are directly available, so I'm trying to make this work with HTTPS through the…

git proxy ntlm msysgit

asked Feb 20 '11 at 22:14

Greg Hewgill

951,095
183
1,149
1,285

votes

3 answers

How to support NTLM authentication with fall-back to form in ASP.NET MVC?

How can I implement following in ASP.NET MVC application: user opens intranet website user is silently authenticated if possible if NTLM authentication didn't worked out, show login form to user user indicate login password and select domain from…

c# asp.net-mvc authentication ntlm

asked Oct 26 '10 at 20:51

Igor Romanov

1,689
2
19
36

votes

2 answers

NTLM authentication in Python

I'm trying to implement NTLM authentication on IIS (Windows Server 2003) from Windows 7 with python. LAN Manager Authentication Level: Send NTLM response only. Client machine and server are in the same domain. Domain controller (AD) is on another…

python authentication ntlm

asked Jun 03 '10 at 20:21

Svetlana

votes

4 answers

NTLM Authentication using RestSharp?

I am trying to use NTLM authentication for my REST calls to TeamCity using RestSharp. IRestClient _client=new RestClient(_url); _client.Authenticator = new NtlmAuthenticator …

ntlm restsharp teamcity-7.1

asked Nov 21 '13 at 11:44

pinaki

votes

9 answers

Does git clone work through NTLM proxies?

I've tried both using export http_proxy=http://[username]:[pwd]@[proxy] and git config --global http.proxy http://[username]:[pwd]@[proxy]. I couldn't make it work. It looks like git uses Basic authentication: Initialized empty Git repository in…

git proxy curl ntlm

asked Nov 23 '09 at 15:01

AndreaG

1,106
2
12
28

votes

5 answers

using wget against protected site with NTLM

Trying to mirror a local intranet site and have found previous questions using 'wget'. It works great with sites that are anonymous, but I have not been able to use it against a site that is expecting username\password (IIS with Integrated Windows…

wget ntlm mirroring

asked Jul 14 '09 at 13:48

Joey V.

1,866
1
22
18

votes

2 answers

C# WebClient NTLM authentication starting for each request

Consider a simple C# NET Framework 4.0 application, that: uses WebClient authenticates using NTLM (tested on IIS 6.0 and IIS 7.5 server) retrieves a string from an URL multiple times using DownloadString() Here's a sample that works fine: using…

c# .net authentication webclient ntlm

asked Sep 30 '16 at 08:51

c4n

votes

8 answers

Get current Windows user name within Silverlight

Is it possible to get the currently logged in user's username with Silverlight? You can assume that user has Windows OS and the Silverlight application is hosted in Internet Explorer. Getting the identity from server side with ASP.NET is not an…

windows silverlight kerberos ntlm

asked Jul 24 '09 at 09:18

huseyint

14,953
15
56
78

votes

7 answers

Alternatives for JCIFS NTLM library

Are there any alternatives for JCIFS NTLM library?

java ntlm jcifs josso

asked Feb 23 '09 at 08:00

Veera

votes

1 answer

Why is CNTLM asking for password?

I have configured CNTLM Proxy Authorization on Windows with configuration file looking like, Auth NTLM PassNT XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX PassLM YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY PassNTLMv2 …

proxy ntlm

asked Oct 16 '13 at 10:49

anoopelias

9,240
7
26
39

votes

2 answers

How to transform NTLM credentials to Kerberos token in Node.js

I want to build a server using Node.js, which acts as some kind of proxy. The clients that connect to my server use NTLMv2 for authentication (there is no chance to change this), but the upstream server my server shall connect to requires a Kerberos…

node.js kerberos ntlm ntlm-authentication ntlmv2

asked Jul 08 '19 at 13:47

Golo Roden

140,679
96
298
425

votes

2 answers

NTLM Authentication - Get Windows login, domain and host in PHP

I am working on a Single Sign-On (SSO) PHP application. Users log in their Windows session, and they want to be automatically logged in the application with their Windows account (connected with LDAP Active Directory). I tried this script…

php apache authentication ntlm windows-server

asked May 06 '15 at 07:21

Maxime Mettey

votes

5 answers

Using NTLM authentication in Java applications

I want to use Windows NTLM authentication in my Java application to authenticate intranet users transparently. The users should not notice any authentication if using their browsers (single sign-on). I've found a few libs with NTLM support, but…

java windows security authentication ntlm

asked Feb 22 '13 at 09:25

deamon

89,107
111
320
448

votes

6 answers

Single Sign-On Server Authentication in Ruby/Rack

I write and host web applications on Windows servers for intranet usage. My server stack uses Sinatra (which uses Rack), Thin, and (in some cases) Apache for reverse-proxying only. I want to support Single Sign-on (using NTLM or Kerberos) within our…

ruby active-directory rack kerberos ntlm

asked Apr 16 '11 at 16:54

Phrogz

296,393
112
651
745

Prev 1

…

81 82 Next