Questions tagged [ntlm]

NTLM (NT LAN Manager) is a suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users.

NTLM has been deprecated for many uses as it doesn't support the latest standards:

Implementers should be aware that NTLM does not support any recent cryptographic methods, such as AES or SHA-256. It uses cyclic redundancy check (CRC) or message digest algorithms (RFC1321) for integrity, and it uses RC4 for encryption. Deriving a key from a password is as specified in RFC1320 and FIPS46-2. Therefore, applications are generally advised not to use NTLM - MSDN and to use Kerberos instead.

Despite this NTLM is still used inside enterprise networks where Microsoft Active Directory provides the enterprise directory service for Integrated Windows Authentication when Kerberos is not available.

NTLM over HTTP handshake is fairly simple:

Request  - [unauthenticated - no user info passed]

Response - 401 Unauthorized
           WWW-Authenticate: NTLM


Request  - Authorization: NTLM <base64-encoded type-1-message>

Response - 401 Unauthorized
           WWW-Authenticate: NTLM <base64-encoded type-2-message>


Request  - Authorization: NTLM <base64-encoded type-3-message>

           Server can now check username/password against LDAP from type-3 message
Response - 200 Ok [now authenticated & authorised]

1230 questions

votes

3 answers

Android: Downloading an NTLM-authentication-protected file

I want to download a file from a Sharepoint server that protected with NTLM authentication from my Android application. I found some tutorials and couldn't successful. I tried using The Java CIFS Client Library and did not successful again. I…

asked Jul 06 '12 at 10:09

Oguz Ozkeroglu

3,025
3
38
64

votes

1 answer

How to validate domain credentials (from native code)?

i want to validate a set of credentials against the domain controller. e.g.: Username: joel Password: splotchy Domain: STACKOVERFLOW In .NET 3.5 and newer you can use PrincipalContext.ValidateCredentials(username, password). Otherwise you're in…

security kerberos ntlm networkcredentials

asked Mar 15 '12 at 16:21

Ian Boyd

246,734
253
869
1,219

votes

4 answers

Node.js integration with MS Exchange EWS

I am attempting to use Node.js to call the SOAP Exchange EWS services. I have created a simple http client like so: var https = require('https'); var username = 'user'; var password = 'password'; var auth = 'NTLM ' + new Buffer(username + ":" +…

node.js exchange-server exchangewebservices ntlm

asked Feb 08 '12 at 21:40

AngryMonkey

votes

3 answers

php: forward ntlm credentials to curl

I have a dynamic php page which I need to call with a get parameter. I then want to put the generated html into a string and use it later ( I'm tryign out tonic framework for web services) So this is similar to PHP - Read dynamically generated (and…

php curl ntlm

asked Feb 02 '12 at 11:40

beginner_

7,230
18
70
127

votes

1 answer

Manual Windows Authentication

I'm currently trying to figure out how to perform manual windows authentication in our ASP.NET Application. The problem is that we have an OData service running, and use FormsAuthentication to provide the generic login mechanism and allow the PUT &…

c# asp.net .net odata ntlm

asked Jan 24 '12 at 15:38

codingbunny

3,989
6
29
54

votes

1 answer

Use NTLM Authentication in Web Request in .NET Core

Update Turns out all I needed to do was upgrade to .NET Core 2.1! Thanks for the solutions everyone! I have a .NET Core 2.0 Console App and need to make a web request to an API which uses Windows Authentication (NTLM specifically). It's an internal…

c# .net-core ntlm

asked Dec 10 '18 at 05:23

Troy Poulter

votes

3 answers

Can I indicate to clients that SPNEGO is supported but NTLM is not for HTTP requests?

The two WWW-Authenticate additions Microsoft makes use of that I am currently aware of are NTLM Negotiate If Negotiate is sent down from the server, based on a set of conditions Kerberos will be used Intranet Zone Accessing the server using a…

kerberos ntlm spnego negotiate www-authenticate

asked Jan 28 '09 at 23:53

Scott Markwell

1,091
2
16
33

votes

5 answers

Alternative to cntlm to authenticate behind corporate proxy

I'm working in a company that's using a proxy to connect to the internet. Some of my applications, especially package-managers of any kind are unable to connect to the proxy and produce 407 (Proxy Authentication required). As a first attempt I tried…

proxy kerberos ntlm

asked Dec 06 '17 at 12:51

walkslowly

votes

2 answers

How to set NTLM authentication in rest template Header in Spring

I want to authenticate NTLM using Rest template , can any one suggest the way ?

spring rest ntlm

asked Aug 22 '17 at 07:18

ssshekhawat

votes

0 answers

Error in Jenkins Gradle builds. NEGOTIATE authentication error: Invalid name provided (Mechanism level: KrbException: Cannot locate default realm)

I am building a gradle project in Jenkins. I have used Jenkins extensively earlier, but with maven and without corporate proxy. Scenario: 1) Systems behind corp proxy 2) A gradle project with gradle wrapper for build. 3) Working Jenkins Master(…

jenkins gradle proxy ntlm

asked Jul 28 '17 at 06:05

VVP

votes

0 answers

Internet Explorer always using NTLM instead of Kerberos

I am trying to browse my HDFS system from internet explorer but for some reason it is always using NTLM instead of Kerberos, so I receive the message GSSException: Defective token detected (Mechanism level: GSSHeader did not find the right…

internet-explorer authentication kerberos ntlm webhdfs

asked Apr 22 '16 at 12:42

Johan

votes

1 answer

NTLM authentication in Selenium RemoteWebDriver

I am trying to use the Selenium HtmlUnit driver in C# tests. As far as I know, the only way to use the HtmlUnit driver in C# is through Selenium server and the RemoteWebDriver: var driver = new OpenQA.Selenium.Remote.RemoteWebDriver( …

c# selenium selenium-webdriver ntlm selenium-server

asked Sep 03 '15 at 02:06

personne3000

1,780
3
16
27

votes

1 answer

Sharepoint 2013 site NTLM authentication javascript doPostBack doesnt work in Safari&iPad

I have a really interesting problem. We have a site created with sharepoint 2013. We use Windows - NTLM authentication. In a page includes custom discussionListWebPart, we have a filter button which use javascript doPostBack function with webpart…

ipad sharepoint safari ntlm dopostback

asked Aug 27 '15 at 07:10

Habib Adıbelli

1,181
7
14

votes

3 answers

Has anyone combined soap.py or suds with python-ntlm?

I'd like to replace an app's current (badly busted and crufty) cURL-based (cURL command-line based!) SOAP client with suds or soap.py. Trouble is, we have to contact an MS CRM service, and therefore must use NTLM. For a variety of reasons the NTLM…

python soap ntlm suds soappy

asked Mar 25 '10 at 14:57

Chris R

17,546
23
105
172

votes

1 answer

Forwarding NTLM credentials from IIS with ARR and URL Rewrite

Thanks in advance for your help. In my environment, I configured IIS to act as a reverse proxy and forward requests to certain paths to an application server on another host. In order to do this, I used Application Request Routing (ARR) and URL…

iis windows-authentication ntlm url-rewrite-module arr

asked Jun 04 '14 at 08:00

rkl3ss

Prev 1 2 3

…

81 82 Next