"Doug Holtz" <dholtz@wi.rr.com> wrote in message
news:Yb7Ka.148806$jT4.2663407@twister.rdc-kc.rr.com...

<snip>

> OK.
>
> Now all I need to know is "What is NTLM?".
>
> D
>

OK, here's what NTLM is all about, as far as the authentication process
goes.

NTLM (NT LanMan) is an authentication process that's used by all members of
the Windows NT family of products. Like its predecessor LanMan, NTLM uses a
challenge/response process to prove the client's identity without requiring
that either a password or a hashed password be sent across the network.

When the authentication process begins, the user's system (client) sends a
login request to the server. The server replies with a randomly generated
"token" (or challenge) to the client. The client hashes the currently
logged-on user's cryptographically protected password with the challenge and
sends the resulting "response" to the server.

The server receives the challenge-hashed response and compares it to what it
knows to be the appropriate response. (The server takes a copy of the
original token - which it generated - and hashes it against what it knows to
be the user's password hash from its own user account database.) If the
received response matches the expected response, the user is successfully
authenticated to the server.

BTW, you will also need to do the same stuff you would do for XP, turn off
the smb signing, etc. 2K3 as a DC definitely fsck's up Samba. More locked
down than a 2000 DC. Probably have to wait until 3.0 is in final release and
mess with it.

Glen