Select the product you need help with
- Internet Explorer
- Windows Phone
- More products
Windows NT Client Logon Fails with EnableSecuritySignature Set
Article ID: 185625 - View products that this article applies to.
This article was previously published under Q185625
When SMB security signatures are enabled by setting EnableSecuritySignature to 1 on the server, a Windows NT Client logon attempt may fail. The failure will occur if only a Lan Manager password component is present in the Windows NT domain account. The following error will be returned by the client:
Invalid user name or password...
The server service performs an SMB security signature check and it fails in this case. When a sessionsetupandx command is being performed, the check fails. The server assumes that the client provides Windows NT credentials. The redirector is incorrectly including the LanMan security information for security signatures as if it were Windows NT security information.
To resolve this problem, obtain the latest service pack for Windows NT 4.0 or Windows NT Server 4.0, Terminal Server Edition. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/152734/EN-US/ )How to Obtain the Latest Windows NT 4.0 Service Pack
NOTE: The redirector is dependent on the server fix to operate correctly. Rdr.sys must be installed on the client and Srv.sys must be used on the server to address this issue successfully.
For additional information, please see the following article in the Microsoft Knowledge Base:
TITLE : How to Enable SMB Signing in Windows NT
Microsoft has confirmed that this is a problem in Windows NT 4.0 and Windows NT Server 4.0, Terminal Server Edition. This problem was first corrected in Windows NT 4.0 Service Pack 4.0 and Windows NT Server 4.0, Terminal Server Edition Service Pack 4.
Article ID: 185625 - Last Review: November 1, 2006 - Revision: 2.1