Open GoogleCodeExporter opened 8 years ago
I've encountered this same error message when trying to connect to Windows
hosts that require NTLMv2 with the Filesys::SmbClient library that is used
within OpenDLP.
As of right now, it does not appear that OpenDLP supports scanning targets that
require NTLMv2.
Could you check if your targets require NTLMv2?
To check if your targets require NLTMv2, do the following:*
1. Go to Local Security Policy
2. Select "Local Policies"
3. Select "Security Options"
4. View the setting for "Network security: LAN Manager authentication level"
If that setting is set to "Send NTLMv2 response only. Refuse LM & NTLM" that
could be the source of your problem.
If possible, consider temporarily changing that to a lower setting while you
perform the OpenDLP scans and then changing it back.
*Hosts on an AD domain may have this policy enforce via Group Policy, so you
would need to check there instead.
Original comment by burnfrom...@gmail.com
on 4 Apr 2013 at 6:14
The domain controllers are set to "Send NTLM response only". Running a
gpresult against any machine shows that the "Network Security: LAN Manager
authentication level" is not defined.
Original comment by chrisscl...@gmail.com
on 5 Apr 2013 at 4:36
I forgot to add that the Local Security Policy is set to "Send NTLM response
only".
Original comment by chrisscl...@gmail.com
on 5 Apr 2013 at 4:38
Ok, so it sounds like it's not an NTLMv2 issue.
I think there is a good chance that it is still an issue with the
authentication.
Are you using a domain account to run the scans?
Original comment by burnfrom...@gmail.com
on 5 Apr 2013 at 5:15
Original issue reported on code.google.com by
chrisscl...@gmail.com
on 2 Apr 2013 at 8:52