Closed raghuureddy closed 1 year ago
I suppose it doesn't. If you can provide me with the protocol for v2, I can have a look at it and implement... if I find the time.
I can confirm that this does not work with NTLM v2. This project seems to support v2, but it is not working for me for some reason. I just started looking into the code, and if get it working I'll follow up here, on what can be done to support NTLM v2.
No progress on this one. Seems there is no js library to handle NTLM v2 support. @raghuureddy Have you made any progress? @SamDecrock Any ideas on this one?
Do you know what server side applications/services use NTLM v2 so I can set up one myself and check it out?
2017-02-20 10:46 GMT+01:00 vertigo notifications@github.com:
No progress on this one. Seems there is no js library to handle NTLM v2 support. @raghuureddy https://github.com/raghuureddy Have you made any progress? @SamDecrock https://github.com/SamDecrock Any ideas on this one?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/SamDecrock/node-http-ntlm/issues/59#issuecomment-281032439, or mute the thread https://github.com/notifications/unsubscribe-auth/AAhmV7IUA2jZHCMFTT-koHq0CNYMKd3pks5reWDjgaJpZM4LihbC .
Hi Sam,
please take a look at this comment here
As far as I understand all you need is to change reg value to 2
or something bigger than 2
(less than 6
)
So the solution is to change the registry key HKLM\SYSTEM\CurrentControlSet\Control\Lsa\LmCompatibilityLevel
to 5
?
https://technet.microsoft.com/en-us/library/cc960646.aspx
@raghuureddy @emcho92 Can you test this?
Any update on this?
Thanks. I wish there were some real example usage, but I'll definitely check it out!
I use it in my own module, so you can dig into the file OnpremiseUserCredentials.ts for a real usage example.
The class itself performs NTLM auth and returns credentials via Authorization
header. You can attach that header to your ongoing http request against NTLM protected resource. keep alive agent also seems required.
@s-KaiNet Thanks a lot. I have created a simplified version for my needs. Perhaps this will help someone:
const request = require('request');
const ntlm = require('ntlm-client');
const https = require('https');
const keepAliveAgent = new https.Agent({ keepAlive: true });
const type1msg = ntlm.createType1Message();
const URL = 'your url';
const USERNAME = 'your username';
const PASSWORD = 'your password';
request(
{
url: URL,
headers: { 'Authorization': type1msg },
agent: keepaliveAgent, // I think this is required
ca: ca // I also needed ca
},
function (error, response) {
if (error) console.log(error);
const type2msg = ntlm.decodeType2Message(response.headers['www-authenticate']);
const type3msg = ntlm.createType3Message(type2msg, USERNAME, PASSWORD);
request(
{
url: URL,
headers: { 'Authorization': type3msg },
agent: keepaliveAgent,
ca: ca
},
function (err, res, body) {
if (err) console.log(err);
console.log(body);
});
});
I guess seeing that https://github.com/SamDecrock/node-http-ntlm/commit/ca31baf93451ad387dbb84b4f8642eb9aa380a1f , which adds NTLMv2 support, has been merged, this topic can potentially be closed?
Indeed. Thanks for the heads up.
Hello Sam,
My SharePoint site uses NTLMv2 & on the IIS server 'lmcompatibilitylevel' registry is set as '5'.
This module supports only NTLMv1? I see that in the code the naming convention is as below.
create_LM_hashed_password_v1
Wondering if this only supports NTLMv1.
I am getting always 401 Unauthorized from SharePoint site & its passing all handshake including type3 message. But the response comes as 401.