What is NetServer Authentication If a client provides a LANMAN and an NTLM hash, only the NTLM hash is used unless the QZLSPWDANY$ share exists (or NetServer? is configured to allow LANMAN authentication). This is because the NTLM hash is more secure. If only a LANMAN hash is provided (as was done by Windows 9x), that hash is used. NetServer? does not support LMv2 hashes; therefore, LMV2 always fails. NTLM and NTLMv2 hashes are always accepted (with the restrictions in the table above) unless NetServer? is configured for Kerberos-only authentication. The QPWDLVL of the system does not affect the hashes that NetServer? can accept. The thing that it does do is make the NTLM style hashes work with mixed-case Windows passwords. This is possible with QPWDLVL 2 and 3 because the system password can be mixed-case. More Info: https://techmedianewshub.blogspot.com/2020/08/what-is-netserver-authentication-and.html |