NTLM authentication from Windows 7 to WinCE 3.0
I have the following problem. I would like to connect from a Windows 7 PC with the IE8 to a WinCE 3.0 web server. Some pages on this web application are password protected. When I try to connect to this pages, the NTLM authentication always ends with an error. When I check the data transfer on the ethernet I see, that the last HTTP request with the NTLM_AUTH message returns with a "HTTP/1.0 401 Unauthorized" message. On Windows 7 I changed the following network security settings: Network security: LAN Manager authentication level Send LM & NTLM - use NTLMv2 session security if negotiated Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Disable 128-bit encryption Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Disable 128-bit encryption Network security: Allow Local System to use computer identity for NTLM Activeted Network security: Do not store LAN Manager hash value on next password change Deactivated Does someone has information about this behaviour? Beat
November 12th, 2010 2:58am

Hi, I notice that you said” NTLM authentication always ends with an error”. Please provide the error message for us. To confirm what the source is, please test the issue on another Windows 7. Meanwhile, I would like to share the following article with you: A high level overview of Windows CE Web Server authentication Also, I suggest you check the related settings of WinCE: Microsoft Windows CE 3.0 Web Server Hope it helps. Alex ZhaoPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
November 16th, 2010 5:56am

Hello Alex At first, the configuration of the WinCE 3.0 WEB server is correct, because it works with Windows XP or Windows Vista computers. The Web server use the local CE account database and the user and the password are set with the function NTLMSetUserInfo()! I tested it with two Windows 7 computers without success. About the error messeage: I will show you the order of the HTTP telegrams on the network with Windows 7: - HTTP: GET .... with NTLMSSP data: NTLM Message Type:NTLM_NEGOTIATE - HTTP: HTTP/1.0 401 Unauthorized with NTLMSSP data: NTLM Message Type:NTLM_CHALLANGE - HTTP: GET .... with NTLMSSP data: NTLM Message Type:NTLM_AUTH (User name, Lan Manager Response, NTLM Response, ...) - HTTP: HTTP/1.0 401 Unauthorized without NTLMSSP The similar HTTP telegrams I found with the Windows XP: - HTTP: GET .... with NTLMSSP data: NTLM Message Type:NTLM_NEGOTIATE - HTTP: HTTP/1.0 401 Unauthorized with NTLMSSP data: NTLM Message Type:NTLM_CHALLANGE - HTTP: GET .... with NTLMSSP data: NTLM Message Type:NTLM_AUTH (User name, Lan Manager Response, NTLM Response, ...) - HTTP: HTTP/1.0 304 Not Modified When I compare the data in the NTLM_AUTH telegram I see 3 differences: 1. The version number in the NTLMSSP data packet are differnet: Windows 7 : 0601B01D Windows XP: 0501280A 2. The offset value for the EncryptedRandomSessionKeyFields shows on different points: Windows 7 : EncryptedRandomSessionKeyLen = 0000 EncryptedRandomSessionKeyMaxLen = 0000 EncryptedRandomSessionKeyBufferOffset = A2000000 The maximum length of the NTLMSSP data packet is only 0xA2 -> at EncryptedRandomSessionKeyBufferOffset there is no value!!!! Windows XP: EncryptedRandomSessionKeyLen = 0000 EncryptedRandomSessionKeyMaxLen = 0000 EncryptedRandomSessionKeyBufferOffset = 92000000 The maximum length of the NTLMSSP data packet is only 0x93 -> at EncryptedRandomSessionKeyBufferOffset there is zero value for the empty string!!!! 3. The MIC value is not set in the Windows XP telegram. That is the reason why the the telegram size is 16 byte smaller. I found the information about the NTLMSSP telegram in the document: [MS-NLMP] — v20101001 NT LAN Manager (NTLM) Authentication Protocol Specification I hope these are enough informations to detect the reason for my problem. Beat
November 17th, 2010 5:48am

Hello together I got an answer from "Microsoft Customer Service and Support" about this problem. There is no solution!! Windows CE 3.0 has a problem with the NTLM authentication with Windows Vista and Windows 7. In the newer Windows CE versions (5.0, 6.0), this problem is solved. Kind regards Beat
Free Windows Admin Tool Kit Click here and download it now
December 9th, 2010 3:42am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics