Article ID: 185625
Article Last Modified on 11/1/2006
APPLIES TO
- Microsoft Windows NT Server 4.0, Terminal Server Edition
- Microsoft Windows NT Workstation 4.0 Developer Edition
- Microsoft Windows NT Server 4.0 Standard Edition
This article was previously published under Q185625
SYMPTOMS
When SMB security signatures are enabled by setting EnableSecuritySignature to 1 on the server, a Windows NT Client logon attempt may fail. The failure will occur if only a Lan Manager password component is present in the Windows NT domain account. The following error will be returned by the client:
CAUSE
The server service performs an SMB security signature check and it fails in this case. When a sessionsetupandx command is being performed, the check fails. The server assumes that the client provides Windows NT credentials. The redirector is incorrectly including the LanMan security information for security signatures as if it were Windows NT security information.
RESOLUTION
To resolve this problem, obtain the latest service pack for Windows NT 4.0 or Windows NT Server 4.0, Terminal Server Edition. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
152734 How to Obtain the Latest Windows NT 4.0 Service Pack
NOTE: The redirector is dependent on the server fix to operate correctly. Rdr.sys must be installed on the client and Srv.sys must be used on the server to address this issue successfully.
For additional information, please see the following article in the Microsoft Knowledge Base:
ARTICLE-ID: 161372
TITLE : How to Enable SMB Signing in Windows NT
STATUS
Microsoft has confirmed that this is a problem in Windows NT 4.0 and Windows NT Server 4.0, Terminal Server Edition. This problem was first corrected in Windows NT 4.0 Service Pack 4.0 and Windows NT Server 4.0, Terminal Server Edition Service Pack 4.
Keywords: kbbug kbfix kbqfe KB185625