How to create the SPNEGO token used in CIFS/SMB authentication?

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - Firewall Ports Keep Changing for Exchange Hello - We have an Exchange 2003 Server running on a GSX Virtual Server. Each night the virtual server is stopped for backup and restarted. When the users come in each morning, their Outlook desktop client is found to be blocked by the firewall on the Exchange Server. It seems we're having to open a different 1400 port each time and afterwards their Outlook desktop clients can connect. We're using Windows Server 2003's firewall. The store.exe seems to be the process that is using the 1400 ports. It is a privileged application on the firewall. Any ideas as to how the firewall/client might be reconfigured so the needed ports are opened and we do not have to open new ports all the time? Can store.exe, or the Outlook desktop client, be forced to use a specified port? Thanks, Lynnette Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74551
  - 2
    - vpn I have two schools, each with a Cisco PIX 506e firewall/router. As I upgrade to Windows Server 2003 (Standard) I will be making changes to my Forest/Domain structure. Since I plan on connecting the schools via VPN I have a couple of questions: Should the VPN connections be done using IPSec or is there another protocol that I should consider? Should I create a Forest at each school and simply create a trust between the two locations or should I have one forest and set each school as a domain within the forest? Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74543
  - 3
    - continual request for pages that don't exixst I keep getting hit on a 2000 is5 server for pages that don't exist on my machine why would I be getting these requests. They are from diffrent sources. GET /Help.asp |-|0|404_Object_Not_Found 0 GET /MSOffice/cltreq.asp UL=1&ACT=4&BUILD=4219&STRMVER=4&CAPREQ=0|-|0|404_Object_Not_Found 0 Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74541
  - 4
    - IIS SMTP TLS with 256 bit encryption on IIS 6 [repost] All, Is there a way to make Windows 2003 IIS 6 support 256 bit TLS? As far as I have read, IIS6 does not support it. I really need this up and running ASAP! Do I need to use Apache to do this? If there is a way for IIS 6, please follow up with info and links if possible. Thanks, FastEddie Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74540
  - 5
    - Is someone trying to get my password to sign in? When I am in hotmail, my acct will automatically shut down and then ask me to resign in...When I do this a box comes up and it asks me to type in the letters int he box before it lets me put in my password. Is someone else trying to get my password to sign in? Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74538
  - 6
    - Windows Adv Server 2003 Backup Utility - Automated System Recovery What is the difference between doing an ASR (using the Wizard) and manually performing a backup with c:\ and System State selected? It appears from the documentation that you can create a recovery floppy from a backup with System State by simply copying some files from the %systemroot%\repair directory Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74536
  - 7
    - IIS SMTP TLS with 256 bit encryption on IIS 6 All, Is there a way to make Windows 2003 IIS 6 support 256 bit TLS? As far as I have read, IIS6 does not support it. I really need this up and running ASAP! Do I need to use Apache to do this? If there is a way for IIS 6, please follow up with info and links if possible. Thanks, FastEddie Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74535
  - 8
    - Using GPO to limit access I'm familiar with basic concepts of GPO, however, can I use GPO and apply it to SPECIFIC users only when the log on to a SPECIFIC server (a Terminal Server) I found docuemntation to apply to a specific server but that seems to effect everyone logging onto that server - I need it to apply only to 5 or 6 users when they log onto one server only. What procedure do I have to follow for a DC and / or a member server - I'm assuming that if we need to configure a member server it has to be done via Local Security policies ? Regards Jeff Richardson Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74532
  - 9
    - someone else is signing in on my email Recently people have been telling me I was on the computer when I was not even near one. I have been told that someone must have access to my password to do this. My computer has a program that must run to check for virus's once every day at a certain time. Is it possible that when the virus checker powers up the computer it is signing me in automatically? Or how else could this be happening. -- leslied Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74524
  - 10
    - Virus messages from hotmail I sent an attached word document to an overseas friend who reported the following message: Unknown virus scanner failure virus found. Note: There is no cure available for the virus on the file JanetWard.doc. It is not possible to download files from hotmail that contain incurable virus. Contact originator of the file and inform them that the file contains incurable virus. I have a virus checker for all emails in and out, and I rechecked this document and found nothing. What does this mean, does anyone know please? Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74522
  - 11
    - msExchMailboxSecurityDescriptor Hi, can i use the SetACL.exe to configure a mailbox dacl ? I want to deny all access to a mailbox but using some functions ripped from msdn isn't working. Thanks in advance, Victor Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74514
  - 12
    - Certificate Services Hello. I am getting a very odd error message when I try to start the Certificate Services service. I get an error message saying "Catastrophic failure Unexpected method call sequence. 0x8000ffff (-2147418113)". When I check the Event log, in the Application Log I get error ID 17. The complete error message is: Event Type: Error Event Source: CertSvc Event Category: None Event ID: 17 Date: 8/3/2005 Time: 11:54:06 AM User: N/A Computer: <server> Description: Certificate Services did not start: Unable to initialize the database connection for <CAserver>. Catastrophic failure Unexpected method call sequence. 0x8000ffff (-2147418113). For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. I have tried doing a repair install of Windows, uninstalling and reinstalling Certificate Services countless times, manually deleting the CertLog and CerSrv folders and all of the certificates created. However, for some reason, I cannot figure this out. Any help is appreciated. Thank you. Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74512
  - 13
    - help with beta antispyware Hi I installed the microsoft antispyware (beta1) and it has been helpful to get some of the spyware in my computer however one keeps popping up - EGroup Dialer. I always remove it from the system but it keeps coming back and it is always in this path hkey-currentuser/software/microsoft/systemcertificates/trustedpublisher/certificate/(certificate number). i dont know much about this..how do i get rid of this...can anyone help please...thanks a lot. Liz Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74511
  - 14
    - How secure is ADS NAS kit? Hi, I recently purchased a Network-Attached Storage HD enclosure by ADS Tech, but I am not sure how secure/hackerproof it is. (Assuming, of course, that it has been correctly configured though it's web interface, all user accounts have difficult passwords, access rights to specific folders have been specified, etc., you know, the obvious has been taken care of). I want to put some data on it that could be shared with some of my friends/family over internet, as well as business files, which I don't want anybody to even have a chance to get access to (besides myself). The NAS kit interfaces through NetBios in Win workgroup environment, for outside access it has FTP and HTTP. One thing I don't like about the FTP is that any user who has any kind of FTP access can see all shared folders, even those that he has no access to (when such folder is clicked, the "Access denied" box opens). Would be much better in my opinion if a "root folder" per used could be specified. Does anybody know how safe it is to put shared data alongside with private data on that thing? Somebody might ask: Why would I want to put confidential data on it? Because of the versatility -- I can access it from any computer, it does not require any specific computer to be turned on (like in case with USB/FireWire drives). I can access it from outside through Internet, or take it with me if necessary. Thanks in advance! Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74501
  - 15
    - SendAs/ReceiveAs permissions I'm running a Windows 2003 AD forest with Exchange 2003. Is there a way to prevent Domain Admins from being able to send mail as other people, i.e. remove the SendAs permission for the Domain Admins group from all user and group objects in the domain? I don't want to set an explicit deny, because some members of Domain Admins require this ability, but in general, the group does not. Thanks, Don Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74496
  - 16
    - For N. Miller Hi N. Miller, I found out what it is. I made a Rule to Log anything using that IP in or out. It is my Browser Netscape 7.2 that makes a Inbound Domain call using the App (Browser) Netscape.exe and looks for a Outbound return using the Apps Netscape.exe, Wucrtupd.exe and Wuloader.exe. Sometimes it didn't use an App at all on the Inbound that alerted me to it in the first place. I can't Block the In/Outbound using the Netscape App or I can't Surf the Web. But I can Block the In/Outbound one's using the Windows Update Apps wucrtupd.exe and wuloader.exe without any problems. Why the hell does it need to use those Apps when it can use Netscape.exe both ways ????? And it may explain those hits on Port 80 I see too. Is this something we should worry about? Is it a type of Spyware? Kevin Rule "205.188.146.145" blocked (205.188.146.145,domain). Details: Outbound UDP packet Local address,service is (0.0.0.0,1176) Remote address,service is (205.188.146.145,domain) Process name is "C:\PROGRAM FILES\NETSCAPE\NETSCAPE\NETSCP.EXE" Rule "205.188.146.145" ignored (0.0.0.0,1098). Details: Inbound UDP packet Local address,service is (0.0.0.0,1098) Remote address,service is (205.188.146.145,domain) Process name is "C:\PROGRAM FILES\NETSCAPE\NETSCAPE\NETSCP.EXE" Rule "Block Outbound AOL Proxy wucrtupd.exe TCP/UDP" blocked (205.188.146.145,domain). Details: Outbound UDP packet Local address,service is (0.0.0.0,1103) Remote address,service is (205.188.146.145,domain) Process name is "C:\WINDOWS\SYSTEM\WUCRTUPD.EXE" Rule "Block Outbound AOL Proxy wuloader.exe TCP/UDP" blocked (205.188.146.145,domain). Details: Outbound UDP packet Local address,service is (0.0.0.0,1094) Remote address,service is (205.188.146.145,domain) Process name is "C:\WINDOWS\SYSTEM\WULOADER.EXE" Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74495
  - 17
    - Visio Connector for MBSA 2.0 released! Based on the extremely positive response we received to the first version of Visio Connector for MBSA, we have just released Visio Connector for MBSA 2.0. This utility allows you to view the vulnerability assessment information generated by MBSA 2.0 on a Visio 2003 network diagram. You must have both Visio 2003 and MBSA 2.0 (or MBSA 1.2.1) for this connector to function. You can learn more or download this free utility at http://www.microsoft.com/technet/security/tools/mbsavisio.mspx. Sanjay Puri This posting is provided "AS IS" with no warranties, and confers no rights. Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74494
  - 18
    - LSASS.exe thrashing processor I have a box with Windows 2000 Server (standard) running SQL 2000 (standard). The problem is that the lsass.exe is running constantly at 50-60% and taking up between 150-250 MB of memory usage. To me, this seems like an awful lot, not to mention that the process never stops. Ran Symantec Corporate and came up clean. Any ideas? Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74491
  - 19
    - One Care Public Beta Where's the Group(s)? One Care is in Public Beta. Usually that would mean a group or groups. Does anyone know where they might be? Best, Chad Harris Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74481
  - 20
    - Best Anonymous Proxy for Winxp ?? Hey guys I am searching for a Free Anonymous Proxy for Windows Xp .....Send me Links Thanx Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74475
  - 21
    - xp firewall help I just purchased a new laptop bundled with xp-sp2, Norton AV (90 day), I activated the Norton AV but disabled the Norton personal firewall, ran the network wizard to configure the laptop wireless adaptor to one I installed in my home pc, (xp-sp2, dial up), enabled file, print, ICS sharing, updated Norton definitions and xp updates. The problem is everytime I turn on the laptop the windows firewall is disabled along with two of the three alert options located in the Security Center. So I literally have to open the security Center Window to see that it is off and then manually set it to on. I have to do this each time I restart. I checked the services tab under computer management and the text says its on auto, I also ran a scan with Norton and it came up clean. Anyone know how to keep the windows firewall on as a default or is this a byproduct of having Norton? Hihar in Thanks, Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74474
  - 22
    - cdp publish hi all i installed a new CA infrastructure in my organization. i have root CA server and subordinate CA and 5 machines as CDP'S. on the subordinate CA server at the server properties in the certificate main consule, when going to the extensions tab, and typing a path to any of my CDP'S using DNS CNAME for the CDP, im getting an error trying to publish to that cdp. its like the server cant find that cdp. when i type the netbios name or the dns name for the cdp path its working. why is that, i need to use cname's for my cdp's for redundecy. thanks for the help Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74470
  - 23
    - Mapping Drives in Windows Server 2003 HELP! I want to map a XP Pro pc to a share I created on a 2003 server. When I go to map the drive from my PC...it prompts me for a username and password. I try to log into the share and it keeps saying bad username or password. I created at least 2-3 test users to try this with and changed passwords but it still wont except my logins...I am stumped! Please Help!! Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74463
  - 24
    - spyware Possible spyware installed but I can not detect it. I have zonealarm antivirus/firewall with popup blocker enabled. Ad-Aware pro/ad-watch popup blocker enabled. I've run scans with all including the multi av-cls several times. Popups are occuring regardless if I'm browsing the web or not. Soon as I boot the system if you just wait a while they start to appear. Any thoughts or suggestions? Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74462
  - 25
    - Certificate Services Performance --- Back in December of 2004 we deployed a large CA based on Microsoft Certificate Services (MSCA) on Windows 2003. The MSCA is advertised to reach 2 million certificates a day - which is about +/- 1388 certs per minute. I recently ran some tests and I was lucky to get 16 certs per minute. This was running on a 4 processor HP DL580, 4 GB memory with nCipher HSM hardware assist --- So, I have two questions for the group --- 1. Has anyone else tested their certificate generation performance; what did you find? 2. If you did test your performance, what tools did you use to test the performance? I used a vbs script running for other networked nodes in a scheduled batch job. Thank you. Daya -- Daya Puls, CISSP IT Security, Sigma Systems, Marlborough, MA Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74455
- Next
  - 1
    - Nessus report is not correct ? Using nessus to scan my website, the report contains follwing messages. ============================= Vulnerability http (80/tcp) At least one of these CGI scripts is installed : hello.bat echo.bat They allow any attacker to execute commands with the privileges of the web server process. Solution : Delete all the *.bat files from your cgi-bin/ directory Risk factor : High CVE : CAN-2000-0213 BID : 1002 Nessus ID : 10246 ============================= Vulnerability http (80/tcp) The CGI 'args.bat' (and/or 'args.cmd') is installed. This CGI has a well known security flaw that lets an attacker upload arbitrary files on the remote web server. Solution : remove it from /cgi-dos. Risk factor : High CVE : CAN-1999-1180 Nessus ID : 11465 ============================ But I can't locate file hello.bat,echo.bat,args.bat or args.cmd in my computer. What should I do ? Ignore these messages? Where can I find more information ? By the way, my computer's configuration is: OS: WIndows 2003 Server IIS: IIS 6.0 language: Active Server Page (ASP) Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74450
  - 2
    - "message service" pop up window I have recieved a "Message Service" pop up window. The message tells me to go >www.ms-repair.com<. Is this a legitimate site? The message also tells me that my system has 72 errors, need to install registry repair, run registry repair, and reboot the computer. Thank you in advance for anyone who can help, Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74358
  - 3
    - Ports 6346 and 1434 TCP and UDP HI, Is anyone else getting a lot of hits on 6346 and 1434 in both TCP and UDP ? 1434 is ms_sql-m but what use is 6346 for ? Kevin Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74355
  - 4
    - Antivirus on server or client? What is recommended: install an antivirus program on the server or on each client individually? Setup: W2K Server, XP clients, MS Exchange. Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74346
  - 5
    - pop uos i keep recieving pop ups from the same address(69.28.210.175/media/773379) every 5 minutes on the nose 24/7.I'm using stopzilla to block these but they still splash on my screen and are logged and momentarily slow my computer.I use adaware and spybot searcch and destroy as well as delete my cookies but it has no effect. 1. is it legal for these to be sent? if it is something needs to be done. 2.is it possible to stop these from reaching my computer? Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74339
  - 6
    - MS04-011 LSASS virus My laptop runs under XP(sp2). Since I installed Trend-Micro PC-cillin 2005 (AntiVirus,Firewall,AntiSpyware combined), I'm getting "MS04-011 LSASS" attack warnings. Microsoft XP-SP2 supposed to have the fix for this virus, but the the warning never goes away. "Microsoft Bulletin MS04-011(835732)" offers the fix for all other operating systems except for XP. Anyone knows how to get rid of this problem? Thanks. Ken Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74332
  - 7
    - AOL Servers Probing ??? Hello, I've been getting a number of hits on Port 80 from AOL Servers and Proxies even without a Browser open. Since they are not tied to an App Rule they are Blocked and they hit some other Ports too, sometimes as high as 60,000. Why are they Banging my Http Ports (80 and 1080) and ramdom Ports from 5000-80,000???? Since I'm Dial-up I'm not the Target but this IP Block must be. The one's between 5000-60,000 are rare and I don't worry about them but it seems they are AOL Servers or Proxie Servers most of the time and not Users. And I'm not talking about when I first go online with Dial-up where someone else could have had the IP and I'm getting their Returns. This example is not from a server but I had cleared my Log yesterday after some Security Scans to check my Firewall so it's all I have right now. Rule "Default Block HTTP Port 80" blocked (compaq,http). Details: Inbound TCP connection Local address,service is (compaq,http) Remote address,service is (172.165.17.222,2122) Process name is "N/A" In Local Address; compaq is another way this computer lists localhost, 127.0.0.1. Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74330
  - 8
    - spyware - windupdates Hi, Adaware keeps finding something called windupdates. I keep deleting it and it keeps coming back! Help! How do I get it to go away permanently? Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74326
  - 9
    - possible to block/uninstall games via Group Policy? Hi is it possible to block or uninstall games via a group policy? Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74325
  - 10
    - Restrict users to only connect to our wireless network Hi, I have a wireless network and want to make sure the users only connect to this wireless network and no others at all. Can this be done? Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74324
  - 11
    - unable to connect to windows firewall ant-virus wont auto protect I am having dificulties with the windows security centre i keep recieving the warning about the firewall connection and also now my norton anti-virus will not enable autoprotection.. can anybody help. i ahve tried to recconect my windows firewall but it wont do it, a message come sup sayin it cannot connect to windows firewall!! what can i do? Also i have norton anti virus and up untill 2 days ago it was working fine doing a full computer scan every week but now thiswont work, on th eoptions itis not set on auto protect and it will nto allow me to select this option!! help me my compute ris at graet risk what can i go.. i was adviced to download the updates but this has not fixed the problem help Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74323
  - 12
    - Local Caching Where is the user's password cached when you have a GPO setting on Interactive logon: Number of previous logons to cache (in case domain controller is not available)? Is it store in LSASS secrets? If we set our server to not store local cache of user's password what application or other things will break? I u nderstand that if you turn that off and there is no domain controller available that you will be unable to logon to that server in that domain...But what other hidden gotchas are out there that I might not be thinking of? Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74306
  - 13
    - Fake Add Message Well hey, i started to hear this from many friends, a contact that adds them then they loose their password and wont be able to sign again to their account.! that's so weird, any one heard about that ?? Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74305
  - 14
    - How to set up pass-through authentication on W2K server Hi Experts, How do I configure passthrough authentication on the server, so the following task will work. Here is the situation. There is currently a spreadsheet on the network which is being used to capture the date and do whatever calculations are necessary. The location of the spreadsheet is in a shared location and we should recreate permissions so only the necessary people have access. Since the prime purpose of the Tablet is data collection using this speadsheet, I want to have a common logon for anyone who uses this and it should not be part of the domain. The new account needs to be created locally and on the domain so I can map a drive to the spreadsheet location using pass-through authentication. I don't want people logging on using their domain ID because they have roaming profiles and this will mess-up everything. THX in advance Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74304
  - 15
    - Locked out of Hotmail Account Can't get into my Hotmail account. Locked out. Seems like someone got in and changed my login info. Need some sort of technical support. MSN will not answer emails. I cannot find any support phone numbers. Any and all help is appreciated!! Thanks!! Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74303
  - 16
    - File access tracking software Anyone know of a product/solution that can track domain users' access to files on a shared drive and be able to run reports on the data? Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74301
  - 17
    - IPsec Implementation I'm trying to implement IPsec on the work network just for the LAN. After reading about planning and setting up policies. I'm still not 100% sure what it is that I need to do. We're using Windows Server 2003 Enterprise edition and I checked that IPsec service is running. Do I only need to setup IPsec policies (request security) on the server and the workstations will use IPsec automatically? All the workstations are running XP SP2. If I right-click on an IPsec policy, "Assign" is shown on the menu. If after I selected Assign, would I be able to simply unassign it? Would there be any complications? Do I need to create some sort of certificates for IPsec? server and workstations? Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74299
  - 18
    - Desktop.ini auditing filling event logs I have enabled auditing on a directory and all of its subdirectories and files, for a location where users My Documents have been redirected. I have set auditing for Change Permissions, Take Ownership, Write Attributes, and Write Extended Attributes. However, my security log on that machine is being filled with "Object Access" entries referring to Accesses of ReadAttributes and WriteAttributes. For the normal user, this is happening for only their redirected folder. For the few in the domain admins group, there is an Accesses entry with READ_CONTROL, ReadData (or ListDirectory) and ReadEA in addition to the previoius two, for everyone's desktop.ini file in their redirected users. This is really filling up the log files, making auditing very difficult. Any ideas or help would be greatly appreciated. Rich C. Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74293
  - 19
    - Hijackthis Can this program detect presence of viruses on computer. Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74287
  - 20
    - Viruses and hijackthis Hi. If computer is infected will i see this in hijackthis program or not? Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74286
  - 21
    - safe mode antivirus hi, I use AVG free version in regular mode. I can NOT use it in safe mode. I also have the sysclean from trend micro that I have used in the past because one can use it in safe mode. But, the scan usually takes more than an hour, though if it does the job, I wouldn't mind. Still, I would like to see if anyone out there has another (free perferably) AV program that they recommend to use in safe mode. that way, if I am short on time and can't use Sysclean, I can use that one. Note: I have stinger too. but, would like to get another one that I can enable only in safe mode. WIll use AVG all the other times. thanx Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74285
  - 22
    - HELP can't logon to my computer I need help fast...i can't logon to my computer, im using windows XP professional... i was trying to create a workgroup and it said i belonged to a domain already and it had to be changed before i could create the workgroup...so i change my domain to workgroup and then restarted like it said...however now i can't logon to my computer...no user name or password that i can think of will work..i need to know of a way i can get around the logon so i can access my files..please help! -- Jill Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74274
  - 23
    - Security token design question There is a smartcard chip embedded in a PnP device of completely irrelevant class. It is not exposed as independent hardware function. The chip can be accessed only thru the driver of this device. How I can make this chip visible to CryptoAPI from user mode? Can this be done with a user mode module that sends custom ioctls to the driver? Or I need a root enumerated driver that emulates a Smartcard reader? Can such "virtual" smartcard readers pass HCT? Regards, --PA Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74269
  - 24
    - dsclient - ntlm v2 I need to know how make win 9x work with ntlm v2. IÂ´ve installed dsclient, changed the registry like described in some websites, but isnÂ´t work. It donÂ´t autenticate. The only way to this work is changing the registry to level 0, but with this the ntlm v2 donÂ´t work. > Locate and click the following key in the registry: > HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control > > Create an LSA registry key in the registry key listed above > > On the Edit menu, click Add Value, and then add the following registry > value: > Value Name: LMCompatibilityLevel > Data Type: REG_DWORD > Value: 3 > Valid Range: 0,3 > Description: This parameter specifies the mode of authentication and > session > security to be used for network logons. It does not affect interactive > logons. > . Level 0 - Send LM and NTLM response; never use NTLM 2 session security. > Clients will use LM and NTLM authentication, and never use NTLM 2 session > security; domain controllers accept LM, NTLM, and NTLM 2 authentication. > . Level 3 - Send NTLM 2 response only. Clients will use NTLM 2 > authentication and use NTLM 2 session security if the server supports it; > domain controllers accept LM, NTLM, and NTLM 2 authentication. > Thanks, Leonardo Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74267
  - 25
    - 086eb794e.html -Desktop Background Can anoyone help. I have found this file on my computer under all users. It is linked to a 'Free Track Remover' program and is locaeted in C:\Documentsand settings then under the user's local settings in a folder called Temp. The file is causing a red background on desktop with the advert for this free track remover-trying to get you to buy it. This background comes up no matter what I do. I have tried deleting this file which is removed until you next log on. The file is then back in the same place. I have also tried delting the folder but an error message appears explaining that some of the folders are used by other programs and can not be deleted. I originally found the file under Control Panel\Display\Desktop\CustomiseDesktop then on the web tab. The file is there under the web pages. I can delte it from there but the same thing occurs where it returns. I have tried using Norton to remove it but it still returns. Please can someone help me with this-email me on Saxonh@Hotmail.com and enter 086eb794e in the subject box. All help appreciated Tag: How to create the SPNEGO token used in CIFS/SMB authentication? Tag: 74266

Dear all,

Is there any Windows API available to generate SPNEGO tokens as the security
blobs used in CIFS/SMB authentication? For example, how to generate the
NegTokenInit token that lists all the authentication mechanisms supported by
the server machine replying to a client's protocol negotiation request? I
know it is possible to hard code a SPNEGO token but just wondering if there
is a better way to do it. And, it seems the SSPI library doesn't provide
this support.

Thanks.

best,
chuck

Top

Re: How to create the SPNEGO token used in CIFS/SMB authentication? by Richard

Richard
Wed Aug 17 00:55:44 CDT 2005

The security blob returned in the NEGPROT_RESPONSE from the
server to the client (prior to the SESSION_SETUP_ANDX) is non-standard,
and used simply as an optimization, and a hint for credential choice. The
redirector and server components call SSPI, just like everyone else. You
can
get that hint blob on the server side by calling AcceptSecurityContext
without
an input blob.

"Chuck" <changxun@gmail.com> wrote in message
news:edCHU5UmFHA.3256@TK2MSFTNGP12.phx.gbl...
> Dear all,
>
> Is there any Windows API available to generate SPNEGO tokens as the
> security
> blobs used in CIFS/SMB authentication? For example, how to generate the
> NegTokenInit token that lists all the authentication mechanisms supported
> by
> the server machine replying to a client's protocol negotiation request? I
> know it is possible to hard code a SPNEGO token but just wondering if
> there
> is a better way to do it. And, it seems the SSPI library doesn't provide
> this support.
>
> Thanks.
>
> best,
> chuck
>
>

Top