D
DelJo63
Non-XP systems will be using SAMBA as the connection technique for file/print sharing
(ie: ports 139,445 and lmhost v1 authentication)
XP (and Vista) have two authentication techniques
LMHASH and NTHASH
SAMBA access will require LMHOST V1 authentication
(it is possible to use V2 *if* all non-windows systems support V2)
Windows XP/Pro or Vista/Ultimate users who have set the Global Policy
will not be able to use filesharing to non-windows systems.
The alternative tecnhnique is a regedit
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
click Add Key, type NoLMHash, and then press ENTER.
The GPO is preferrable, but XP/Home users must use this regedit to inhibit LMHASH
While it is true that setting this policy enhances the Windows security, it has a negative effect
on Sharing to non-Windows systems.
see the Microsoft KB article
http://support.microsoft.com/kb/299656
btw: this policy also stops LMHASH password cracking
so you choose Security and no sharing or Sharing and compromised security
(ie: ports 139,445 and lmhost v1 authentication)
XP (and Vista) have two authentication techniques
LMHASH and NTHASH
SAMBA access will require LMHOST V1 authentication
(it is possible to use V2 *if* all non-windows systems support V2)
Windows XP/Pro or Vista/Ultimate users who have set the Global Policy
Network security: Do not store LAN Manager hash value on next password change
located atComputer Configuration, Windows Settings, Security Settings, Local Policies, Security Options
will not be able to use filesharing to non-windows systems.
The alternative tecnhnique is a regedit
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
click Add Key, type NoLMHash, and then press ENTER.
While it is true that setting this policy enhances the Windows security, it has a negative effect
on Sharing to non-Windows systems.
see the Microsoft KB article
http://support.microsoft.com/kb/299656
btw: this policy also stops LMHASH password cracking
so you choose Security and no sharing or Sharing and compromised security