[MS-NLMP]: NT LAN Manager (NTLM) Authentication Protocol
|
This topic lists the Errata found in [MS-NLMP] since it was last published. Since this topic is updated frequently, we recommend that you subscribe to these RSS or Atom feeds to receive update notifications. Errata are subject to the same terms as the Open Specifications documentation referenced. |
|
|---|
To view a PDF file of the errata for the previous versions of this document, see the following ERRATA Archives:
October 16, 2015 - Download
June 30, 2015 - Download
July 18, 2016 - Download
September 23, 2019 - Download
September 29, 2020 – Download
Errata below are for Protocol Document Version V34.0 – 2021/06/25.
|
Errata Published* |
Description |
|---|---|
|
2022/02/08 |
The following sections were changed. Please see the diff document for the details.
In section 2.2.1.1 NEGOTIATE_MESSAGE, added requirement for the VERSION structure to be populated.
Changed from:
Version (8 bytes): A VERSION structure (as defined in section 2.2.2.10) that is populated only when the NTLMSSP_NEGOTIATE_VERSION flag is set in the NegotiateFlags field. This structure SHOULD<6> be used for debugging purposes only. In normal (nondebugging) protocol messages, it is ignored and does not affect the NTLM message processing
Changed to:
Version (8 bytes): A VERSION structure (as defined in section 2.2.2.10) that is populated only when the NTLMSSP_NEGOTIATE_VERSION flag is set in the NegotiateFlags field, otherwise it MUST be set to all-zero. This structure SHOULD<6> be used for debugging purposes only. In normal (nondebugging) protocol messages, it is ignored and does not affect the NTLM message processing
In section 2.2.1.2 CHALLENGE_MESSAGE, added requirement for the VERSION structure to be populated.
Changed from:
Version (8 bytes): A VERSION structure (as defined in section 2.2.2.10) that SHOULD<9> be populated only when the NTLMSSP_NEGOTIATE_VERSION flag is set in the NegotiateFlags field. This structure is used for debugging purposes only. In normal (non-debugging) protocol messages, it is ignored and does not affect the NTLM message processing.
Changed to:
Version (8 bytes): A VERSION structure (as defined in section 2.2.2.10) that SHOULD<9> be populated only when the NTLMSSP_NEGOTIATE_VERSION flag is set in the NegotiateFlags field, otherwise it MUST be set to all-zero. This structure is used for debugging purposes only. In normal (non-debugging) protocol messages, it is ignored and does not affect the NTLM message processing.
In section 2.2.1.3 AUTHENTICATE_MESSAGE, added requirement for the VERSION structure to be populated.
Changed from:
Version (8 bytes): A VERSION structure (section 2.2.2.10) that is populated only when the NTLMSSP_NEGOTIATE_VERSION flag is set in the NegotiateFlags field. This structure is used for debugging purposes only. In normal protocol messages, it is ignored and does not affect the NTLM message processing.<11>
Changed to:
Version (8 bytes): A VERSION structure (section 2.2.2.10) that SHOULD be populated only when the NTLMSSP_NEGOTIATE_VERSION flag is set in the NegotiateFlags field, otherwise it MUST be set to all-zero. This structure is used for debugging purposes only. In normal protocol messages, it is ignored and does not affect the NTLM message processing.<11>
In section 2.2.2.10 VERSION, added requirement for the VERSION structure to be populated.
Changed from:
The VERSION structure contains operating system version information that SHOULD<31> be ignored. This structure is used for debugging purposes only and its value does not affect NTLM message processing. It is populated in the NEGOTIATE_MESSAGE, CHALLENGE_MESSAGE, and AUTHENTICATE_MESSAGE messages only if NTLMSSP_NEGOTIATE_VERSION is negotiated.<32>
Changed to:
The VERSION structure contains operating system version information that SHOULD<31> be ignored. This structure is used for debugging purposes only and its value does not affect NTLM message processing. It is populated in the NEGOTIATE_MESSAGE, CHALLENGE_MESSAGE, and AUTHENTICATE_MESSAGE messages only if NTLMSSP_NEGOTIATE_VERSION is negotiated, otherwise it MUST be set to all-zero.<32>
In section 3.1.5.1.1 Client Initiates the NEGOTIATE_MESSAGE, added requirement for the VERSION structure to be populated.
Changed from:
If the NTLMSSP_NEGOTIATE_VERSION flag is set by the client application, the Version field MUST be set to the current version (section 2.2.2.10), the DomainName field MUST be set to a zero-length string, and the Workstation field MUST be set to a zero-length string.
Changed to:
If the NTLMSSP_NEGOTIATE_VERSION flag is set by the client application, the Version field MUST be set to the current version (section 2.2.2.10), the DomainName field MUST be set to a zero-length string, and the Workstation field MUST be set to a zero-length string. If the NTLMSSP_NEGOTIATE_VERSION flag is not set by the client application, the Version field MUST be set to all-zero.
In section 3.1.5.1.2 Client Receives a CHALLENGE_MESSAGE from the Server, added requirement for the VERSION structure to be populated.
Changed from:
If the NTLMSSP_NEGOTIATE_VERSION flag is set by the client application, the Version field MUST be set to the current version (section 2.2.2.10), and the Workstation field MUST be set to NbMachineName.
Changed to:
If the NTLMSSP_NEGOTIATE_VERSION flag is set by the client application, the Version field MUST be set to the current version (section 2.2.2.10), and the Workstation field MUST be set to NbMachineName. Otherwise, if the NTLMSSP_NEGOTIATE_VERSION flag is not set by the client application the Version field MUST be set to all-zero. |
*Date format: YYYY/MM/DD
