NAStorage

How to set NTLMv2 authentication on Windows system platform and NAStorage

Prepared by: Karen Lee TS Engineer Ingrasys Technology Inc. E-mail: support@ingrasys.com

Note.

If you enable NTLMv2 authentication for server, verify that all clients (include NAStorage) who log on to your network are used NTLMv2 authentication too. No client or server configuration is required to support NTLMv2. You must configure the client or server only to enable or disable support for NTLMv2 or LM authentication. By default, NTLM 2 session security encryption is restricted to a maximum key length of 56 bits. Optional support for 128-bit keys is automatically installed if the system satisfies United States export regulations. To enable 128-bit NTLM 2 session security support, you must install Microsoft Internet Explorer 4.x or 5 and upgrade to 128-bit secure connection support before you install the Active Directory Client Extension

How to enable NLTMv2 authentication on NAStorage?

You have to enable the NTLMv2 option from NAStorage web page if your windows system platform used NTLMv2 authentication. The default option of NTLMv2 is disabled on NAStorage. Please follow the below steps. (1) Go to the Admin Home->Network->Windows (2) Click use NTLMv2 authentication only. (3) Click Apply button to complete setting

How to set the windows 2003 server for authentication level?

(1) Click Start, point to All Programs , then open the Local Security Policy from Administrator Tools

menu.

(2) Select the Security Options>Network security: LAN Manager authentication level (3) Restart the computer.

The full range of values for reference

Level 0 - Send LM and NTLM response; never use NTLM 2 session security. Clients use LM and NTLM authentication, and never use NTLM 2 session security; domain controllers accept LM, NTLM, and NTLM 2 authentication. Level 1 - Use NTLM 2 session security if negotiated. Clients use LM and NTLM authentication, and use NTLM 2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLM 2 authentication. Level 2 - Send NTLM response only. Clients use only NTLM authentication, and use NTLM 2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLM 2 authentication. Level 3 - Send NTLM 2 response only. Clients use NTLM 2 authentication, and use NTLM 2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLM 2 authentication. Level 4 - Domain controllers refuse LM responses. Clients use NTLM authentication, and use NTLM 2 session security if the server supports it; domain controllers refuse LM authentication (that is, they accept NTLM and NTLM 2). Level 5 - Domain controllers refuse LM and NTLM responses (accept only NTLM 2). Clients use NTLM 2 authentication, use NTLM 2 session security if the server supports it; domain controllers refuse NTLM and LM authentication (they accept only NTLM 2).

How to set the vista client for authentication level? nas - vista , :------- :LAN-Manager-- --- lm ntlm -(1) Please go to the control panel /system and maintenance /administrative tools / local security policy,

(2) Select the Security Options>Network security: LAN Manager authentication level (3) Restart the computer.

The full range of values for reference

Level 0 - Send LM and NTLM response; never use NTLM 2 session security. Clients use LM and NTLM authentication, and never use NTLM 2 session security; domain controllers accept LM, NTLM, and NTLM 2 authentication. Level 1 - Use NTLM 2 session security if negotiated. Clients use LM and NTLM authentication, and use NTLM 2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLM 2 authentication. Level 2 - Send NTLM response only. Clients use only NTLM authentication, and use NTLM 2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLM 2 authentication. Level 3 - Send NTLM 2 response only. Clients use NTLM 2 authentication, and use NTLM 2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLM 2 authentication. Level 4 - Domain controllers refuse LM responses. Clients use NTLM authentication, and use NTLM 2 session security if the server supports it; domain controllers refuse LM authentication (that is, they accept NTLM and NTLM 2). Level 5 - Domain controllers refuse LM and NTLM responses (accept only NTLM 2). Clients use NTLM 2 authentication, use NTLM 2 session security if the server supports it; domain controllers refuse NTLM and LM authentication (they accept only NTLM 2).