Questions tagged [ntlm]

NTLM (NT LAN Manager) is a suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users.

NTLM has been deprecated for many uses as it doesn't support the latest standards:

Implementers should be aware that NTLM does not support any recent cryptographic methods, such as AES or SHA-256. It uses cyclic redundancy check (CRC) or message digest algorithms (RFC1321) for integrity, and it uses RC4 for encryption. Deriving a key from a password is as specified in RFC1320 and FIPS46-2. Therefore, applications are generally advised not to use NTLM - MSDN and to use Kerberos instead.

Despite this NTLM is still used inside enterprise networks where Microsoft Active Directory provides the enterprise directory service for Integrated Windows Authentication when Kerberos is not available.

NTLM over HTTP handshake is fairly simple:

Request  - [unauthenticated - no user info passed]

Response - 401 Unauthorized
           WWW-Authenticate: NTLM


Request  - Authorization: NTLM <base64-encoded type-1-message>

Response - 401 Unauthorized
           WWW-Authenticate: NTLM <base64-encoded type-2-message>


Request  - Authorization: NTLM <base64-encoded type-3-message>

           Server can now check username/password against LDAP from type-3 message
Response - 200 Ok [now authenticated & authorised]

1230 questions

votes

1 answer

401 when calling Web Service only on particular machines

We have developed a WPF Application with C# and are using RestSharp to communicate with a simple Web Service like this: Client = new RestClient(serviceUri.AbsoluteUri); Client.Authenticator = new NtlmAuthenticator(SvcUserName,…

asked Aug 11 '15 at 08:34

hoetz

2,368
4
26
58

votes

1 answer

"The matching wildcard is strict, but no declaration can be found for element 'http'" Error

I am trying to configure NTLM authentication, but receive error: cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'http'. I read a lot of topics with a similar error, but I could not find a…

java spring spring-security ntlm spring-3

asked May 12 '12 at 06:27

DmitryB

1,149
5
20
34

votes

6 answers

Integrated Windows Auth (NTLM) on a Mac using Google Chrome or Safari

An IIS7 Intranet site with Windows Authentication enabled. When hit from Chrome on windows the pass-through authentication works fine (no User / Password prompt), however, Chrome on a Mac you get a prompt. Since the internal network uses CAC/PKI no…

macos google-chrome iis-7 ntlm

asked Dec 23 '11 at 13:47

Louis Ricci

20,804
5
48
62

votes

4 answers

How to enable windows authentication through a reverse proxy?

Sorry if it is a duplicate, as I am not a security nor network expert I may have missed the correct lingo to find information. I am working on an application to intercept and modify HTTP requests and responses between a web browser and a web server…

iis authentication ntlm reverse-proxy

asked Dec 06 '10 at 16:14

jeremy-george

1,171
1
9
20

votes

2 answers

NTLM authentication HttpClient in Core

I am trying to use the HttpClient to access a REST service which requires NTLM authentication. However I keep getting a 401 Unauthorized. My code looks like this private static void Main() { var uri = new…

c# .net-core httpclient ntlm

asked Dec 14 '17 at 22:09

Torben Nielsen

votes

1 answer

Is there a proper way to add NTLM auth type into SwiftMailer using SwiftMailer bundle in symfony?

I have symfony project with swiftMailer bundle. I was trying to send email via swiftmailer using NTLM auth. But I have not found a way to turn on NTLM via configuration of the bundle. After struggling with it I have found solution First…

php symfony swiftmailer ntlm

asked Apr 05 '16 at 06:08

sectus

15,605
5
55
97

votes

3 answers

JAX-WS Sharepoint 401 Unauthorized NTLM

I try to access a Sharepoint list via JAX-WS as described here However, when running the code below I get: java.lang.Exception: Exception. See stacktrace.com.sun.xml.internal.ws.client.ClientTransportException: The server sent HTTP status code 401:…

java sharepoint jax-ws exchange-server ntlm

asked Feb 01 '11 at 16:28

Christoph

votes

1 answer

Powershell invoke WebRequest with NTLM for a post

INITIAL QUESTION How Can I perform Invoke-WebRequest or similar, with Powershell so that NTLM authentication is used but also supply a body for a post. EXAMPLE The code sample below is my example post using invoke web request and pipes response out…

rest powershell ntlm

asked Jan 26 '18 at 15:59

Murchie85

votes

5 answers

Javamail NTLM Authentication Failure

Trying to connect to Exchange server using NTLM in JavaMail. I can connect to SMTP, but not IMAP. I can also authenticate via the OS X Mail.app application using the identical host/username/password, account type = "IMAP", Port 143, ssl=false,…

java exchange-server jakarta-mail ntlm

asked Dec 02 '10 at 17:19

Sam Barnum

10,559
3
54
60

votes

3 answers

SMTP through Exchange using Integrated Windows Authentication (NTLM) using Python

I want to use the credentials of the logged-in Windows user to authenticate an SMTP connection to an Exchange server using NTLM. I'm aware of the python-ntlm module and the two patches that enable NTLM authentication for SMTP, however I want to use…

python smtp ntlm pywin32

asked May 26 '10 at 20:10

Louis

votes

5 answers

nginx reverse proxy with Windows authentication that uses NTLM

Anyone knows if is possible to do reverse proxy with Windows authentication that uses NTLM? I cant find any example on this. What should be the values of more_set_headers field? location / { proxy_http_version 1.1; …

nginx reverse-proxy ntlm

asked Jan 22 '14 at 13:57

matheus

votes

6 answers

git clone with NTLM proxy hangs after resolving deltas

I saw here many questions covering git and proxy topics but none of them solves my problem. I am cloning a git repository from Bitbucket. Everything works fine from my home network but hangs at work where we are using proxy with NTLM authentication.…

git https clone ntlm

asked Nov 20 '12 at 12:35

tommyk

3,187
7
39
61

votes

3 answers

Access Exchange Web Services with PHP and cURL

Hello, I am currently writing a client to access a Microsoft Exchange server and read contacts, appointments etc. from it. Through days of searching I've been able to connect to the EWS via PHP's Soap client and a custom HTTPS Stream wrapper. This…

php curl ntlm exchangewebservices http-status-code-401

asked Oct 05 '11 at 16:00

DarkDevine

1,047
1
9
12

votes

6 answers

HttpClient 4.1.1 returns 401 when authenticating with NTLM, browsers work fine

I'm trying to use the Apache/Jakarta HttpClient 4.1.1 to connect to an arbitrary web page using the given credentials. To test this, I have a minimal install of IIS 7.5 on my dev machine running where only one authentication mode is active at a…

java iis httpclient ntlm digest

asked May 06 '11 at 21:48

Jesse

votes

11 answers

Jenkins proxy 407 error

I'm running Jenkins CI inside a corporate network which uses a proxy for internet access. I tried to configure proxy details in Plugins->Advanced, but even though the credentials are correct (yeah, I checked it a bunch of times), it cannot validate…

java apache jenkins proxy ntlm

asked Apr 16 '15 at 18:13

Ilves

Prev 1 2

…

81 82 Next