To set the Telnet server to use only NTLM authentication, follow these
steps:
Click Start, click Run, type tlntadmn, and then click OK.
1. Select Display, and then select Change Registry Settings.
2. Select NTLM.
3. Change the NTLM value to 2 for NTLM ONLY.
4. Restart the Telnet server.
NOTE: NTLM value 0 is NTLM not available. The Telnet server does only clear
text authentication. NTLM value 1 is NTLM or logon prompt where NTLM is
tried before the logon prompt. If the client supports NTLM, but
authentication stops responding, the server may then send the logon prompt.
If the client does not support NTLM, the server sends the logon prompt.
-----Original Message-----
From: Thomas Kerbl [mailto:t.kerbl (at) weigl (dot) de [email concealed]]
Sent: Thursday, January 15, 2004 5:32 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Disable NTLM on W2k
hello ms-group,
I want to enable the telnet Service on a Windows 2000 machine WITHOUT
NTLM... Therefor I changed the registry value
HKEY_LOCAL_MACHINE/Software/Microsoft/Telnet Server/1.0/NTLM from 2 to
0... this should disable NTLM... still I get this
<cite>
Server allows NTLM authentication only
Server has closed connection
</cite>
message when I try to connect with "telnet x.x.x.x" from another Win2k
machine... I expected to get an login screen... I restartet the service
and afterwards even the computer, still no effect...
can anyone give a pointer, where the problem may be hidden?
tia,
Thomas
P.S.: Just to make sure, I'm perfectly aware of the security risk... no
advice needed :)
http://support.microsoft.com/default.aspx?scid=http://support.microsoft.
com:
80/support/kb/articles/Q201/1/94.ASP&NoWebContent=1
To set the Telnet server to use only NTLM authentication, follow these
steps:
Click Start, click Run, type tlntadmn, and then click OK.
1. Select Display, and then select Change Registry Settings.
2. Select NTLM.
3. Change the NTLM value to 2 for NTLM ONLY.
4. Restart the Telnet server.
NOTE: NTLM value 0 is NTLM not available. The Telnet server does only clear
text authentication. NTLM value 1 is NTLM or logon prompt where NTLM is
tried before the logon prompt. If the client supports NTLM, but
authentication stops responding, the server may then send the logon prompt.
If the client does not support NTLM, the server sends the logon prompt.
-----Original Message-----
From: Thomas Kerbl [mailto:t.kerbl (at) weigl (dot) de [email concealed]]
Sent: Thursday, January 15, 2004 5:32 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Disable NTLM on W2k
hello ms-group,
I want to enable the telnet Service on a Windows 2000 machine WITHOUT
NTLM... Therefor I changed the registry value
HKEY_LOCAL_MACHINE/Software/Microsoft/Telnet Server/1.0/NTLM from 2 to
0... this should disable NTLM... still I get this
<cite>
Server allows NTLM authentication only
Server has closed connection
</cite>
message when I try to connect with "telnet x.x.x.x" from another Win2k
machine... I expected to get an login screen... I restartet the service
and afterwards even the computer, still no effect...
can anyone give a pointer, where the problem may be hidden?
tia,
Thomas
P.S.: Just to make sure, I'm perfectly aware of the security risk... no
advice needed :)
--
~ weigl interservice
~ www.weigl.de
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]