Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
Tony Hoyle wrote: >>>> I tried hard, but I couldn't find how to disable NTLM v2. Can you please >>> >>> use gpedit.msc. You will find it under computer, Windows settings, security >>> settings. >> >> I thought I had looked there... :) >> >> Is it the "LAN Manager Authentication Level" setting? It was originally >> "Send LM & NTLM responses"; now I set it to "Send NTLMv2 response >> only/refuse LM & NTLM". Does this sound right? > > That sounds right. Just do it on every machine. A few links that may help others with these questions: <http://support.microsoft.com/default.aspx/kb/823659> "Client, service, and program incompatibilities that may occur when you modify security settings and user rights assignments" <http://support.microsoft.com/default.aspx?scid=kb;en-us;147706> "How to disable LM authentication on Windows NT" <http://www.lcpsoft.com/english/articles/passwords.htm> "Theory and practice of password auditing and recovery in Windows NT/2000/XP/2003" > The acid test is to run something like LC5 (if you can find it any more) > across the network and see if it finds a nice list of passwords for > you.. The last link also leads to LCP, a supposed successor of LC5. (Haven't run it yet.) Thanks for your help, Gerhard