With NTLMv1 on server, data is not encrypted when you set or add password in User Manager or in Server Manager (269406)


The information in this article applies to:

  • Microsoft Windows 2000 Server SP1
  • Microsoft Windows 2000 Advanced Server SP1
  • Microsoft Windows 2000 Professional SP1
This article was previously published under Q269406

SYMPTOMS

When you run User Manager or Server Manager to add a new user or to change a current user's password, the encrypted-password-block goes through the network, exposing the password in plain text. The server makes a call to the remote client without encrypting the password data.

This behavior can occur if you use NTLMv1 (Windows NT LAN Manager version 1) on a server that runs Microsoft Windows 2000 Server.

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack

The English version of this fix should have the following file attributes or later:
   Date        Time    Version        Size     File name
   -----------------------------------------------------------------
   01/25/2001  05:24p  5.0.2195.2842  130,320  adsldpc.dll
   01/25/2001  05:24p  5.0.2195.2835  348,944  advapi32.dll
   01/25/2001  05:23p  5.0.2195.2816  502,032  instlsa5.dll
   01/25/2001  05:24p  5.0.2195.2842  140,560  kdcsvc.dll
   01/17/2001  04:17p  5.0.2195.2842  198,928  kerberos.dll
   12/20/2000  12:13a  5.0.2195.2808   69,456  ksecdd.sys
   01/25/2001  05:24p  5.0.2195.2816  484,112  lsasrv.dll    128-bit
   01/23/2001  08:19p  5.0.2195.2816  494,864  lsasrv.dll    56-bit
   01/02/2001  11:45a  5.0.2195.2816   33,552  lsass.exe
   01/23/2001  08:06p  5.0.2195.2850  108,816  msv1_0.dll
   01/25/2001  05:24p  5.0.2195.2844  912,656  ntdsa.dll
   09/21/2000  07:00p  5.0.2195.2283   51,984  samlib.dll
   01/25/2001  05:24p  5.0.2195.2780  363,280  samsrv.dll
   01/25/2001  05:24p  5.0.2195.2797  128,272  wldap32.dll

STATUS

Microsoft has confirmed that this is a problem in Microsoft Windows 2000. This problem was first corrected in Windows 2000 Service Pack 2.

MORE INFORMATION

For additional information about how to install Windows 2000 and Windows 2000 hotfixes at the same time, click the following article number to view the article in the Microsoft Knowledge Base:

249149 Installing Microsoft Windows 2000 and Windows 2000 Hotfixes

Modification Type:MinorLast Reviewed:10/19/2005
Keywords:kbbug kbfix kbWin2000PreSP2Fix KB269406
©2004 Microsoft Corporation. All rights reserved.