locked
Windows 7 and Novell Client 2 SP1 (ir2) RRS feed

  • Question

  • Installed Windows7 Enterprise Edition (fully patched).  Installed Novell Client 2 SP1 (ir2).  After a successful login to eDirectory/NetWare 6.5 (all fully patched), my account in eDirectory becomes intruder locked.  After doing some packet capturing and reading the capture file in Wireshark, I am seeing conversations using NCP, SMB and NBSS between my Windows7 pc and the NetWare 6.5 server I am logged into.  The NCP conversation makes senses, but I am confused by seeing the SMB and NBSS.

    The following item is reported in the capture:
    SMB    | Session Setup AndX Response, Error: STATUS_LOGON_FAILURE

    Further review of the packet capture, I noticed in the item:

    SMB | Session Setup AndX Request, User: MSAD\smithht; Tree Connect AndX, Path: \\DATA1\DATA$

    ..SMB (Server Message Block Protocol)
    ....Session Setup AndX Request (0x73)
    ......Unicode Password:
    ........NTLMv2 Response:

    On a chance, I set the "Network security: LAN Manager authentication level" to "Send LM & NTLM - use NTLMv2 security if negotiated" like I do when setting up a Vista and Windows7 pc without the Novell Client to connect to the CIFS Service on my NetWare 6.5 server.

    After which the failed logins from the Windows7 pc with the Novell Client 2 SP1 (ir2) stopped when logged in to my NetWare 6.5 server, WHY?

    It seems that the Windows7 pc is successfully logging into the NetWare 6.5 server via the Novell Client over NCP, but was failing to login over SMB/NBSS to the CIFS service on the NetWare 6.5 server until the "Network security: LAN Manager authentication level" was set to "Send LM & NTLM - use NTLMv2 security if negotiated".

     

    Why does the "Network security: LAN Manager authentication level" setting have to be lowered on a Windows7 pc when the Novell Client is installed?

     

    thx

    Wednesday, June 30, 2010 2:06 PM

Answers

  • That is because Novell Client only uses the lower NTLM level. If Windows 7 users NTLMv2 in authentication, the Novell Client will not be able to authenticate properly.
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”
    • Marked as answer by Arthur Xie Friday, July 9, 2010 9:15 AM
    Thursday, July 1, 2010 7:58 AM

All replies

  • That is because Novell Client only uses the lower NTLM level. If Windows 7 users NTLMv2 in authentication, the Novell Client will not be able to authenticate properly.
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”
    • Marked as answer by Arthur Xie Friday, July 9, 2010 9:15 AM
    Thursday, July 1, 2010 7:58 AM
  • So if I understand you correctly, that when installing the Novell Client on a Windows7 pc, I have to set the "Network security: LAN Manager authentication level" to "Send LM & NTLM - use NTLMv2 security if negotiated". 

    I've never used Windows Vista, but with WindowsXP when the Novell Client installed, it did not matter what the "Network security: LAN Manager authentication level" was set to. 

    On my WindowsXP pc I've just tested setting it to "Send NTLMv2 Responses only" and did not accumulate any failed login attempts on my Novell eDirectory/NetWare account. 

    But on my Windows7 pc, when "Network security: LAN Manager authentication level" is NOT set to "Send LM & NTLM - use NTLMv2 security if negotiated", I accumulate failed login attempts on my Novell eDirectory/NetWare account.

    This comparison between WindowsXP and Windows7 appears that it does not matter that the Novell Client is installed on Windows7, because a SMB/NBSS auth will happen anyway on Windows7 and if the "Network security: LAN Manager authentication level" is NOT set to "Send LM & NTLM - use NTLMv2 security if negotiated", the Windows7 pc will fail when attempting to connect over SMB to the same NetWare server that the installed Novell Client is already connected to over an NCP connection. Why is Windows7 making multiple connections (NCP and SMB) connections to the same NetWare server, when WindowsXP only made an NCP connection?

     

    thx 

    Thursday, July 1, 2010 1:58 PM