4694 – Support NTLM CredSSP

Bug 4694 - Support NTLM CredSSP

Summary: Support NTLM CredSSP

Status:	CLOSED WONTFIX

Alias:	None

Product:	ThinLinc
Classification:	Unclassified
Component:	\| rdesktop (deprecated) (show other bugs)
Version:	trunk
Hardware:	PC Unknown

Importance:	P2 Normal
Target Milestone:	4.10.0
Assignee:	Henrik Andersson

URL:
Keywords:

Depends on:
Blocks:	2036
	Show dependency tree / graph

Reported:	2013-06-11 17:29 CEST by Pierre Ossman
Modified:	2019-02-07 15:51 CET (History)
CC List:	0 users

See Also:
Acceptance Criteria:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Pierre Ossman cendio

2013-06-11 17:29:23 CEST

Currently we only support CredSSP using the Kerberos method (bug 2571). This however requires that the ThinLinc server and WTS both are joined to the same domain, and that all the Kerberos stuff is properly set up on the ThinLinc server.

This is often not the case, and the end result is that ThinLinc cannot connect to a modern WTS by default (as it requires CredSSP by default).

We should add support for NTLM to improve our out-of-box experience with modern Windows servers.

Comment 1 Henrik Andersson cendio

2015-06-17 12:17:19 CEST

https://fedorahosted.org/gss-ntlmssp/ is a GPLv3 implementation of:

  [MS-NLMP]: NT LAN Manager (NTLM) Authentication Protocol

Comment 2 Peter Åstrand cendio

2018-02-12 12:13:58 CET

Also note that Windows 2016 supports yet another CredSSP credential type:

"TSRemoteGuardCreds"

Comment 3 Pierre Ossman cendio

2019-02-07 15:43:59 CET

rdesktop (and associated tools) is being removed from the ThinLinc product.

Note You need to log in before you can comment on or make changes to this bug.