Export (0) Print
Expand All

3.1 NTLM Logon Details

NT LAN Manager (NTLM) interactive logon and network logon MUST complete the authentication sequence by contacting the DC using an NRPC pass-through authentication ([MS-NRPC] section 3.2) method, with parameters as specified in section 3.1.5.

The NETLOGON_NETWORK_INFO and NETLOGON_VALIDATION_SAM_INFO4 data structures SHOULD be exchanged ([MS-NRPC] sections 2.2.1.4.5 and 2.2.1.4.13). The DC MUST populate the NETLOGON_VALIDATION_SAM_INFO4 with the information for the user logging on and return the SessionBaseKey ([MS-NLMP] section 3.3.1 and 3.3.2) in the UserSessionKey field in NETLOGON_VALIDATION_SAM_INFO4, and MUST send it back to the NTLM server. If no matching account is found, an error STATUS_NO_SUCH_USER (section 2.2) MUST be returned to the NTLM server, resulting in a logon failure.

 
Show:
© 2014 Microsoft