(RADIATOR) AuthBy LSA and Lan Manager Auth Level

[Kawakubo, Ken]

Hi Kirk,

I meant Level 0, the default value for server.

Ken

-----Original Message-----
From: Kawakubo, Ken 
Sent: Monday, November 29, 2004 7:07 PM
To: 'Kirk Byers'; Hugh Irvine
Cc: radiator at open.com.au
Subject: RE: (RADIATOR) AuthBy LSA and Lan Manager Auth Level


Hi Kirk,

I checked the LAN Manager Authentication Level setting of our domain
controller. It is set at "Send LM & NTLM responses", so it is Level 1.

Ken Kawakubo

-----Original Message-----
From: Kirk Byers [mailto:ktbyers at stanford.edu]
Sent: Monday, November 29, 2004 5:17 PM
To: Hugh Irvine
Cc: radiator at open.com.au
Subject: Re: (RADIATOR) AuthBy LSA and Lan Manager Auth Level


Hugh,

Some additional pieces of information.  I was able to get PEAP/MSChapV2 
working using AuthBy LSA if I authenticated a local user (empty string 
for Domain).  I also am able to get PEAP/MSChapV2 working using AuthBy 
LSA authenticating against my Active Directory server if I change my Lan 
Manager Authentication Level to allow NTLM (the setting is changed on 
the AD server).  This is using the same configuration as I sent over in 
a previous email.  

Unfortunately, we need to have our Lan Manager Authentication Level set 
to use NTLMv2 only.  Is this the expected behavior for AuthBy LSA in 
this context (i.e. that it does not support NTLMv2)?  If so, are there 
any plans to support AuthBy LSA and NTLMv2 in the future.

Thanks,


Kirk



--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.