Questions tagged [ntlm]

NTLM (NT LAN Manager) is a suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users.

NTLM has been deprecated for many uses as it doesn't support the latest standards:

Implementers should be aware that NTLM does not support any recent cryptographic methods, such as AES or SHA-256. It uses cyclic redundancy check (CRC) or message digest algorithms (RFC1321) for integrity, and it uses RC4 for encryption. Deriving a key from a password is as specified in RFC1320 and FIPS46-2. Therefore, applications are generally advised not to use NTLM - MSDN and to use Kerberos instead.

Despite this NTLM is still used inside enterprise networks where Microsoft Active Directory provides the enterprise directory service for Integrated Windows Authentication when Kerberos is not available.

NTLM over HTTP handshake is fairly simple:

Request  - [unauthenticated - no user info passed]

Response - 401 Unauthorized
           WWW-Authenticate: NTLM


Request  - Authorization: NTLM <base64-encoded type-1-message>

Response - 401 Unauthorized
           WWW-Authenticate: NTLM <base64-encoded type-2-message>


Request  - Authorization: NTLM <base64-encoded type-3-message>

           Server can now check username/password against LDAP from type-3 message
Response - 200 Ok [now authenticated & authorised]

1230 questions

votes

1 answer

NTLM Authorization in Perl

I am trying to implement NTLM authorisation for a web server written in Perl (or perhaps an XS module). My understanding is that it should work in the following way: c -> s: GET s -> c: 401, WWW-Authenticate: NTLM c -> s: GET, Authorization: NTLM…

asked Mar 06 '14 at 12:45

jawr

votes

7 answers

How do I use NTLM authentication with Active Directory

I am trying to implement NTLM authentication on one of our internal sites and everything is working. The one piece of the puzzle I do not have is how to take the information from NTLM and authenticate with Active Directory. There is a good…

http authentication coldfusion active-directory ntlm

asked Aug 22 '08 at 11:55

Jonathan Works

1,826
1
17
13

votes

2 answers

WCF - How to configure netTcpBinding for NTLM authentication?

I know how to configure basicHttpBinding for NTLM authentication, but can't figure out a way to do the same for netTcpBinding. Does netTcpBinding support NTLM? If so, how to force WCF service to use NTLM? BTW a well known method using identity…

wcf authentication ntlm nettcpbinding

asked Feb 05 '10 at 05:23

ablei2000

votes

1 answer

urllib2.HTTPError: HTTP Error 401: Unauthorized

My requirement is to download an abc.zip file from some website http://clientdownload.xyz.com/Documents/abc.zip For this activity I have written a python script as follows: url_to_check = 'http://clientdownload.xyz.com/Documents/abc.zip' …

python ntlm www-authenticate

asked Feb 12 '14 at 13:27

user3301805

votes

3 answers

HttpUrlConnection doesn't find the NTLM challenge on Android

I'm trying to connect my Android app to an IIS server using the HttpUrlConnection class. My server needs the user to be authenticate, so it is sending the following challenge to the client : WWW-Authenticate: Negotiate WWW-Authenticate: NTLM My…

android httpurlconnection ntlm android-authenticator

asked Jun 18 '13 at 18:15

NLemay

2,331
3
29
45

votes

2 answers

cURL NTLM Proxy Authorization

I have been using curl for some time now and its working fine but with a proxy which uses users 'domain\username' to authenticate curl fails asking for Authorization. Authorization method is NTLM. This code goes in a batch file. Code: curl…

curl proxy ntlm

asked Jun 10 '13 at 20:09

Telson Alva

votes

1 answer

NSURLConnection with client certificate and NTLM

I'm trying to access a server that is protected with NTLM authentication and requiring a client certificate. I'm authenticating using delegate methods of NSURLConnection, and retrieving results with UIWebview. I've managed to develop code for NTLM…

objective-c nsurlconnection ssl-certificate ntlm

asked Apr 08 '13 at 10:50

ridan

votes

3 answers

Spring 3 and NTLM authentication

I am using a spring 3 web application, as Spring 3 doesn't support NTLM authentication, what are the other alternatives that can be used along with Spring security? So that users are authenticated to application when they log into Active Directory?…

java spring spring-security ntlm

asked Mar 20 '13 at 19:44

Jacob

14,463
65
207
320

votes

1 answer

Safari problems accessing Windows Integrated Authentication (aka NTLM) protected web site

Our web application uses Windows Integrated Authentication (aka NTLM Auth) for security. It's working fine for both IE and Firefox users, but Safari users are seeing intermittent problems. Browsing the site will work fine, but every once in a while…

iis authentication safari ntlm wia

asked Apr 02 '09 at 22:42

Darren

votes

1 answer

Running Powershell script through MacOs Visual Studio Code on remote Windows computer throws MI_RESULT_FAILED

I am attempting to run & debug a Powershell script (which is tailored to run on a remote Windows PC), on MacOS (Monterey M1) through Visual Studio Code. Mac Name Value ---- ----- PSVersion 7.2.1 PSEdition Core GitCommitId 7.2.1 OS Darwin 21.2.0…

windows macos powershell visual-studio-code ntlm

asked Jan 13 '22 at 18:47

Riccardo

2,054
6
33
51

votes

2 answers

Visual Studio Development Server (2010) and NTLM authorization

I'm using Visual Studio Development Server (Visual Basic 2010) and it works fine. Now I've enabled NTLM Authorization because I want to test the website using a different user account. Now when I try to access the website I always get the following…

asp.net vb.net visual-studio-2010 authentication ntlm

asked Aug 09 '11 at 07:53

K232

1,040
14
36

votes

2 answers

NTLM authentication to AD FS for non-IE browser without 'Extended Protection' switched off?

When using NTLM authentication to AD FS 2.0, from Google Chrome or Firefox 3.5+ running on Windows, then this results in a repeated sign-in dialog and finally sign-in failure, with 'Audit Failure' events with "Status: 0xc000035b". This can be…

firefox google-chrome ntlm adfs2.0 adfs

asked Jun 10 '11 at 16:17

MarnixKlooster ReinstateMonica

9,640
14
54
108

votes

1 answer

HTTP "Negotiate" authentication via NTLM from a Java SE6 client on Windows

Does anyone know if a Java 6 client running on Windows is able to authenticate via NTLM when accessing a Microsoft server that implements the SPNEGO authentication protocol? My understanding is that Java 6 running on Windows has built-in support…

java soap cxf ntlm spnego

asked May 09 '11 at 16:22

David Taylor

2,021
21
25

votes

2 answers

Setting up NTLM Authentication with WCF to Sharepoint Web Services

I have been having a lot of difficulty setting up my WCF service to talk to Sharepoint Web services, specifically I am trying to use the Lists.asmx and Copy.asmx services. I got it working using an http link to sharepoint for development, but now…

c# wcf sharepoint https ntlm

asked Apr 22 '11 at 18:47

PvpMan22

votes

2 answers

Calling WCF service with NTLM auth from .NET Core on linux

I am unable to successfully call a WCF service with NTLM authentication from .NET Core running on a linux box (docker container). The same code works perfectly on Windows 10 though. What I have done: Add this to…

c# linux wcf .net-core ntlm

asked May 15 '19 at 13:13

kipusoep

2,174
6
24
34

Prev 1 2 3

…

81 82 Next