Closed brijesh-dobariya closed 1 year ago
I indeed had heard this was coming. I have just finished an overhaul of the NTLM authentication, so now the keys in there are derived correctly, and the signing and sealing keys can be constructed. But, given my spare time (open source / hobby), I do not expect to make MS's deadline.
Are you using SMBJ within the company you work for?
Yes, we are using SMBJ in a wider area.
Can you guide us how to use RPC sealing with NTLM authentication. It is very urgent for my company.
@brijesh-dobariya Could you try out the code from PR #772? I think this fixes the issue.
Thanks @hierynomus for the update. I'll try out this code and let you know. Has your team tested with Microsoft 13 June 2023 security patch?
Did you manage to test it out?
Nobody has tested it out with the patch, because:
@hierynomus still we haven't tested with the patch on 11th July, but will plan for the same. I'll let you know once tested.
@hierynomus We have tested NTLM with RPC Sealing with the Microsoft Security Patch released on July 11th, and it's working fine. Thanks for providing NTLM with RPC Sealing.
We have used SMBJ v0.10.0 and we getting STATUS_LOGON_FAILURE (0xc000006d): Authentication failed for 'dummy_user' using com.hierynomus.smbj.auth.NtlmAuthenticator@1f2c74f5 issue while connecting file repository after deployed windows security patch June 13, 2023 - Enforcement by Default but we given workaround to set registry value to 1 on this path HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters.
But our main concern, Microsoft will release one more security patch to force fully disabled NTML authentication on 11 July, 2023 - Enforcement phase.
For more details: https://support.microsoft.com/en-us/topic/kb5021130-how-to-manage-the-netlogon-protocol-changes-related-to-cve-2022-38023-46ea3067-3989-4d40-963c-680fd9e8ee25
There is any changes you guys working for the same. Let me know because many client will affect after 11 July, 2023 paches.
Thanks