Unencrypted Passwords May Cause SP3 to Fail to Connect to SMB Servers

This article was previously published under Q166730
This article has been archived. It is offered "as is" and will no longer be updated.
After upgrading your Windows NT 4.0 computer to Service Pack 3 (SP3), youare unable to connect to certain non-Microsoft Server Message Block (SMB)servers and you may receive the following error message:
System error 1240 has occurred.

The account is not authorized to login from this station.
Some non-Microsoft SMB servers only support unencrypted (plain text)password exchanges during authentication.

The SMB client redirector in Windows NT 4.0 Service Pack 3 and laterhandles unencrypted passwords differently than previous versions of WindowsNT. Beginning with Windows NT 4.0 Service Pack 3, the SMB redirector doesnot send an unencrypted password during authentication to an SMB serverunless you add a specific registry entry.

In previous versions, the client would automatically negotiate downward tounencrypted (plain text) authentication if requested from the server.
Check with the vendor of the SMB server product to see if there is a wayto support encrypted password authentication, or if there is a newerversion of the product that adds this support.

Alternatively, to enable unencrypted (plain text) passwords for the SMBclient on Windows NT 4.0 Service Pack 3 and newer systems, modify theregistry in the following way:

WARNING: Enabling this will allow unencrypted (plain text) passwords to be sent across the network when authenticating to an SMB server that requests this option. This can lessen the overall security of an environment and should only be done after careful consideration of the consequences of plain text passwords in your specific environment.

WARNING: Using the registry editor incorrectly can cause serious, system-wide problems that may require you to reinstall Windows NT. Microsoft cannot guarantee that any problems resulting from the use of the registry editor can be solved. Use this tool at your own risk.
  1. Run Registry Editor (Regedt32.exe).
  2. From the HKEY_LOCAL_MACHINE subtree, go to the following key:
  3. On the Edit menu, click Add Value.
  4. Add the following:
          Value Name: EnablePlainTextPassword      Data Type: REG_DWORD      Data: 1					
  5. Click OK and then quit Registry Editor.
  6. Shut down and restart Windows NT.
To enable unencrypted (plain text) passwords in an automated setup, modifythe registry in the following way:

Add the following line to the Product.Add.Reg section of the Update.inffile:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Rdr\Parameters, "EnablePlainTextPassword", 0x10001, 1
4.00 VAX log in login 2510

Article ID: 166730 - Last Review: 12/04/2015 16:47:11 - Revision: 2.1

Microsoft Windows NT Workstation 4.0 Developer Edition, Microsoft Windows NT Workstation 4.0 Developer Edition, Microsoft Windows NT Workstation 4.0 Developer Edition, Microsoft Windows NT Server 4.0 Standard Edition, Microsoft Windows NT 4.0 Service Pack 3

  • kbnosurvey kbarchive kbinfo kbnetwork KB166730