Questions tagged [ntlm]

NTLM (NT LAN Manager) is a suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users.

NTLM has been deprecated for many uses as it doesn't support the latest standards:

Implementers should be aware that NTLM does not support any recent cryptographic methods, such as AES or SHA-256. It uses cyclic redundancy check (CRC) or message digest algorithms (RFC1321) for integrity, and it uses RC4 for encryption. Deriving a key from a password is as specified in RFC1320 and FIPS46-2. Therefore, applications are generally advised not to use NTLM - MSDN and to use Kerberos instead.

Despite this NTLM is still used inside enterprise networks where Microsoft Active Directory provides the enterprise directory service for Integrated Windows Authentication when Kerberos is not available.

NTLM over HTTP handshake is fairly simple:

Request  - [unauthenticated - no user info passed]

Response - 401 Unauthorized
           WWW-Authenticate: NTLM


Request  - Authorization: NTLM <base64-encoded type-1-message>

Response - 401 Unauthorized
           WWW-Authenticate: NTLM <base64-encoded type-2-message>


Request  - Authorization: NTLM <base64-encoded type-3-message>

           Server can now check username/password against LDAP from type-3 message
Response - 200 Ok [now authenticated & authorised]

1230 questions

votes

0 answers

Display Logged in user name without AJAX call

I am developing a simple rest based spring application and trying to keep UI and REST services as a separate directory but both deployed under same tomcat instance. REST services returns JSON as response (no Spring MVC here, ResponseEntity ) There…

asked May 28 '12 at 05:27

ukanth

2,718
5
28
38

votes

1 answer

Infrastructure for Automatic User Logon (SSO) with Active Directory / LDAP / NTLM

I have to set up an automatic logon system for an eZ Publish Website hosted on a debian server. The pitch is : "a client is logged on its Windows session (User registered on a Windows Active Directory (so LDAP)) ; when he'll arrive on the intranet…

php ldap single-sign-on ntlm ezpublish

asked May 16 '12 at 10:03

Charles B.

votes

1 answer

Passing User Credentials to Exchange

My scenario: User -> Web App (ASP.NET, C# 3.5) -> Exchange I need to pass the user's Window's account information to Exchange since it uses WIA. I've enabled "NTLM" on my web app's properties and then I use: request.Credentials =…

c# authentication exchange-server ntlm

asked May 09 '12 at 20:08

Chad

3,159
4
33
43

votes

2 answers

JCIFS NTLM Authentication for HTTP Connections on GlassFish (or any servlet container)

I've created a Java class that connects to an IIS website requiring NTLM authentication. The Java class uses the JCIFS library and is based on the following example: Config.registerSmbURLHandler(); Config.setProperty("jcifs.smb.client.domain",…

java servlets glassfish ntlm jcifs

asked Jun 26 '09 at 09:33

Allan Lykke Christensen

1,337
2
14
21

votes

2 answers

How to use NTLM Authentication with RestKit

Is NTLM authentication supported by RestKit? How can I use it in my project?

ios restkit ntlm

asked May 07 '12 at 11:17

Francesco Vadicamo

5,522
35
29

votes

1 answer

NSIS NTLM Proxy authentication

I'm using NSIS for an installer program. We have to download some package from our server during installation and we use NSISdl library for this. The problem is that we need to install the software in a network with a proxy with NTLM authentication.…

proxy installation nsis ntlm

asked Apr 13 '12 at 18:21

FrozZerrer

-1

votes

1 answer

The mapped network drive could not be created because the following error has occurred: The parameter is incorrect

cmd.exe /C "cmdkey /add:"******" /user:"*****" /pass:"**********`"" OS version Share Disk mount Error 1.Checked the network connection no block 2.Checked the smb client version smb2. 3.Capture the packet. Screenshot of the packet capture

ntlm windows-server-2016 network-drive cifs fileshare

asked Feb 08 '23 at 06:12

KT.DR

-1

votes

1 answer

How do I configre Kerberos for Web Application in IIS windows server 2012?

My scenario: I have a sample website hosted on IIS windows 2012 server. When I browse the website it should prompt for credentials of the the Active Directory. I have tried using 'Windows Authentication' it is working fine, It is using NTLM for…

kerberos ntlm spring-security-kerberos kerberos-delegation mit-kerberos

asked Mar 09 '20 at 13:20

krish10025

-1

votes

1 answer

Windows IIS sessoin timeout settings while using NTLM (Windows 10)

Using IIS server with NTLM authentication. Where can I modify the session timeout settings?.

iis ntlm

asked Sep 20 '19 at 14:50

Amir Jawaid

-1

votes

2 answers

Alfresco NTLM Authentication fails

There is a problem querying Alfresco CMIS using NTLM authentication: Authentication is fails on third handshake. * Trying 192.168.1.1... * Connected to ecm.corp.knastu.ru (192.168.1.1) port 8080 (#0) * Server auth using NTLM with user 'alf_user' >…

windows authentication curl alfresco ntlm

asked Nov 20 '17 at 08:03

Dmitriy Korobkov

-1

votes

1 answer

Powershell upload file and authentificate through NTLM

Please, I need help with uploading excel files by Powershell. I need to write script, that POST existing excel (well-formated according external system rules) to URI of that system. Script need to be authentificate via NTLM (on Apache) and then post…

shell powershell ntlm

asked Nov 03 '16 at 12:35

Martin Fedy Fedorko

-1

votes

1 answer

Read json with ntlm security and PHP

This worked before, but ntlm has been added since and it no longer can hit that…

php json ntlm

asked Feb 18 '15 at 10:35

user4579128

-1

votes

1 answer

Hashed format in windows 7 or above

I need to find some materials about how Security Accounts Manager(SAM) works in windows 7+. I am confused with the storage format of hashed value. Many materials (such as, 1) tells me that it uses NTLM(or NTLM v2). However, as far as I understand,…

windows hash kerberos ntlm salt

asked Mar 10 '14 at 07:37

user3381634

-1

votes

4 answers

Redirecting from Servlet to Jquery CRUD form causing request.getParameter null for all form elements

I have a Servlet class where I am doing NTLM authentication and if successful, I am forwarding to a JSP page. JSP page has a user form where few registration details are entered and page is submitted. In another servlet called ServiceController I…

jquery jquery-ui jsp servlets ntlm

asked Apr 08 '13 at 06:51

Jacob

14,463
65
207
320

-1

votes

1 answer

How to redirect on custom url after NTLM authentication failure

I am using NTLM authentication with ldap. When i click 'cancel' in the above popup, it gives 'Authorization required' message as below I want it to redirect on a custom url on 'Cancel' click. How can i achieve it?

apache ntlm ntlmv2

asked Jul 09 '12 at 09:28

Nishu Tayal

20,106
8
49
101

Prev 1 2 3

…