http://blogs.technet.com/b/jesper_johansson/archive/2006/07/26/443597.aspxA while ago I once again got frustrated by LMCompatibilityLevel and the amount of confusion that is out there about it. There was also an intriguing thing in the SAMBA documentation that they (incorrectly) called "NTLM2 Session Response" that needed figureden-USTelligent Evolution Platform Developer Build (Build: 5.6.50428.7875)http://blogs.technet.com/b/jesper_johansson/archive/2006/07/26/443597.aspx#3236313Wed, 06 May 2009 17:14:11 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3236313Save Your Exchange Password in Microsoft Outlook 2003/2007<p>PingBack from <a rel="nofollow" target="_new" href="http://www.petri.co.il/save-your-exchange-password-in-microsoft-outlook-2003-or-2007.htm">http://www.petri.co.il/save-your-exchange-password-in-microsoft-outlook-2003-or-2007.htm</a></p> <img src="http://blogs.technet.com/aggbug.aspx?PostID=3236313" width="1" height="1">http://blogs.technet.com/b/jesper_johansson/archive/2006/07/26/443597.aspx#2952710Sun, 02 Mar 2008 22:21:13 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:2952710How LMCompatibilityLevel really works | Secure Software Engineering Blog<p>PingBack from <a rel="nofollow" target="_new" href="http://www.secure-software-engineering.com/2008/03/02/how-lmcompatibilitylevel-really-works/">http://www.secure-software-engineering.com/2008/03/02/how-lmcompatibilitylevel-really-works/</a></p> <img src="http://blogs.technet.com/aggbug.aspx?PostID=2952710" width="1" height="1">http://blogs.technet.com/b/jesper_johansson/archive/2006/07/26/443597.aspx#444349Tue, 01 Aug 2006 19:44:40 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:444349Alun JonesSomeone reminded me the other day that I should revisit this just to emphasise that this is not &quot;Microsoft screwing up the standards&quot;. <br>MD4 hashes are hashes of binary data, not strings, and as such, there is nothing to state whether or not a terminating NULL should be included, prior to calculating the hash. <br>Microsoft has a renewed interest in standards and interoperability, which can only be a good thing.<div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=444349" width="1" height="1">http://blogs.technet.com/b/jesper_johansson/archive/2006/07/26/443597.aspx#443802Fri, 28 Jul 2006 17:24:55 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:443802Alun JonesEver the burden of the network developer, and particularly the crypto network developer, to get agreement between sender and recipient as to what the binary representation of an object is. &nbsp;You have no idea (but can probably guess) how often this sort of error pops up in badly written software to poorly documented standards, as people disagree on padding, termination, delimiters, size counts, and connection durations. <br>A good protocol document would define these terms explicitly.<div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=443802" width="1" height="1">http://blogs.technet.com/b/jesper_johansson/archive/2006/07/26/443597.aspx#443708Fri, 28 Jul 2006 00:02:23 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:443708Sean KrulewitchFinally an accurate and definitive description of LMCompatibilityLevel and NTLMv2 Session Security from a trusted Microsoft source! <br><div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=443708" width="1" height="1">