Information about the SSPI Authentication handshake as applied to NTLM can be found at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wcesecurity5/html/wce50conNTLMSecuritySupportProvider.asp
The are 2 styles of NTLM authentication.
Connection Authentication (ISC_REQ_CONNECTION) – This is a 3 way handshake where the challenge is initiated by the client
Datagram Authentication (ISC_REQ_DATAGRAM) – The callenge is initiated by the server. There is NO Type 1 message generated in this type
The security layer on Pocket PC 2003 supports NTLM but DOES NOT SUPPORT DATAGRAM style. This may be confusing for the developers as the InitializeSecurityContext may not return error when the Type2 is passed to it with the DATAGRAM flag. It returns a buffer back which the server fails to authenticate when sent to it.
Issues with LCS2005 NTLM
Some things to keep in mind when you are trying to make your SIP client authenticate with LCS 2005 using NTLM are
Disclaimer : This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at http://www.microsoft.com/info/cpyright.htm