home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   comp.databases.paradox      To crash or not to crash, asks Borland      9,834 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 9,778 of 9,834   
   Rick Kelly to All   
   Re: LDAP and Active Directory   
   26 Jul 09 14:16:28   
   
   From: somebody@anybody.com   
      
   I did, once upon a time, build a set of libraries to support authentication   
   against a windows security database. In search my archives, I found a folder   
   from 2004. The main LSL in that folder contained a description of what I   
   think you are looking for. Here is the description copied right from the   
   main library:   
      
    NTLM is an authentication protocol used in various Microsoft network   
    protocol implementations and supported by the NTLM Security Support   
    Provider ("NTLMSSP"). Originally used for authentication and negotiation   
    of secure DCE/RPC, NTLM is also used throughout Microsoft's systems as   
    an integrated single sign-on mechanism.   
      
    NTLM employs a challenge-response mechanism for authentication, in which   
    clients are able to prove their identities without sending a password to   
    the server. It consists of three messages, commonly referred to as   
    Type 1 (negotiation), Type 2 (challenge) and Type 3 (authentication).   
      
    It basically works like this:   
      
      
    The client sends a Type 1 message to the server.   
      
    This primarily contains a list of features supported by the client and   
    requested of the server.   
      
    The server responds with a Type 2 message.   
      
    This contains a list of features supported and agreed upon by the server.   
    Most importantly, however, it contains a challenge generated by the   
   server.   
      
    The client replies to the challenge with a Type 3 message.   
      
    This contains several pieces of information about the client, including   
    the domain and username of the client user. It also contains one or more   
    responses to the Type 2 challenge.   
      
    The responses in the Type 3 message are the most critical piece, as they   
    prove to the server that the client user has knowledge of the account   
   password.   
      
      
   Perhaps the best place to house this is the community web site. Email me   
   via:   
      
   info AT crooit DOT com   
      
   and I'll send you the folder contents.   
      
   Rick Kelly   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca