How NTLM authentication works

By Andrei Ungureanu - Last updated: Tuesday, February 23, 2016 - Save & Share - Leave a Comment

Despre Kerberos se tot vrobeste insa sunt multe cazuri in care ne confruntam si cu NTLM iar pentru a diagnostica problemele de autentificare e bine sa intelegem si cum functioneaza.

Mai jos sunt etapele procesului de autentificare:

  1. (Interactive authentication only) A user accesses a client computer and provides a domain name, user name, and password. The client computes a cryptographichash of the password and discards the actual password.
  2. The client sends the user name to the server (in plaintext).
  3. The server generates a 16-byte random number, called a challenge or nonce, and sends it to the client.
  4. The client encrypts this challenge with the hash of the user’s password and returns the result to the server. This is called the response.
  5. The server sends the following three items to the domain controller:

    • User name
    • Challenge sent to the client
    • Response received from the client
  6. The domain controller uses the user name to retrieve the hash of the user’s password from the Security Account Manager database. It uses this password hash to encrypt the challenge.
  7. The domain controller compares the encrypted challenge it computed (in step 6) to the response computed by the client (in step 4). If they are identical, authentication is successful.


Posted in Active Directory, Security, Windows Server • Tags: , Top Of Page

Write a comment