Announcement

Collapse
No announcement yet.

Create a Telnet connection with the NTLM authentication

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Create a Telnet connection with the NTLM authentication

    Hi

    I have a computer with XP Pro SP3 and I should create a Telnet connection with the telnet server integrated in Windows 7 SP1 64 bit which only allows the NTLM authentication.

    So, how do I have to configure the telnet client of XP to automatically connect to the telnet server using different credentials.

    Thanks

    Bye
    balubeto

  • #2
    Re: Create a Telnet connection with the NTLM authentication

    Using our friend , I found this MS article which may help you:

    http://technet.microsoft.com/en-us/l...=ws.10%29.aspx. It describes the use of AD group membership to allow access.
    *RicklesP*
    MSCA (2003/XP), Security+, CCNA

    ** Remember: credit where credit is due, and reputation points as appropriate **

    Comment


    • #3
      Re: Create a Telnet connection with the NTLM authentication

      Originally posted by RicklesP View Post
      Using our friend , I found this MS article which may help you:

      http://technet.microsoft.com/en-us/l...=ws.10%29.aspx. It describes the use of AD group membership to allow access.
      Hi

      I have created a text file Login_telnet_Pippo.txt:

      Code:
      set WshShell = WScript.CreateObject("WScript.Shell")
      WshShell.run"telnet.exe Pippo"
      WScript.Sleep 1500
      WshShell.SendKeys"telnet Pippo"
      WshShell.SendKeys("{Enter}")
      WScript.Sleep 1500
      'write the user name to the cmd window
      WshShell.SendKeys"<My username>"
      WshShell.SendKeys("{Enter}")
      WScript.Sleep 1500
      'write the password to the cmd window
      WshShell.SendKeys"<My password>"
      WshShell.SendKeys("{Enter}")
      WScript.Sleep 1500
      WshShell.SendKeys"cd /opt/TelePATH/"
      WshShell.SendKeys("{Enter}")
      WshShell.SendKeys"ls"
      and then I wrote this command from the command prompt of XP:

      Code:
      telnet -f "C:\Documents and Settings\All Users\Documenti\Login_telnet_Pippo.txt" Pippo 23
      where Pippo is my server which has Windows 7 SP1 64-bit.

      Unfortunately, this error message is displayed:

      Code:
      Microsoft Telnet Client
      The escape character is 'Ctrl ++'
      You are sending information to a remote computer in the Internet Zone. This may not be secure. Send it anyway? (y/n) y
       
      Telnet server could not log you in using NTLM authentication.
      Your password may have expired.
      Login using username and password
      
      Telnet Server is configured to use NTLM authentication only.
      Contact your administrator to enable username/password authentication.
      Telnet Server has closed the connection
      Connection to host lost.
      How come? Where I was wrong?

      Thanks

      Bye
      balubeto

      Comment


      • #4
        Re: Create a Telnet connection with the NTLM authentication

        Did you add the relevant user to the TelnetClients group??

        ***EDIT***

        Is there a need to use NTLM for logon purposes??

        Did you configure this server??

        I've installed 2 machines, one as Windows XP and the other as Windows 7 x64 with SP1 installed.

        Installed a vanilla Telnet server and connected successfully with no NTLM enabled.

        To turn off NTLM use the following command tlntadmn config sec=-NTLM

        For more help please look here

        http://technet.microsoft.com/en-us/l.../cc787407.aspx
        Last edited by wullieb1; 16th April 2013, 03:35. Reason: Testing done.

        Comment


        • #5
          Re: Create a Telnet connection with the NTLM authentication

          Originally posted by wullieb1 View Post
          Did you add the relevant user to the TelnetClients group??

          ***EDIT***

          Is there a need to use NTLM for logon purposes??

          Did you configure this server??

          I've installed 2 machines, one as Windows XP and the other as Windows 7 x64 with SP1 installed.

          Installed a vanilla Telnet server and connected successfully with no NTLM enabled.

          To turn off NTLM use the following command tlntadmn config sec=-NTLM

          For more help please look here

          http://technet.microsoft.com/en-us/l.../cc787407.aspx

          Of course, I have added to the TelnetClients group all users who need to connect to my Win 7 computer. For security reasons, I have to use only the NTLM authentication.

          So, why my Telnet server does not respond to the Telnet client even with the Login request?

          Thanks

          Bye
          balubeto

          Comment


          • #6
            Re: Create a Telnet connection with the NTLM authentication

            Originally posted by balubeto View Post
            Of course, I have added to the TelnetClients group all users who need to connect to my Win 7 computer. For security reasons, I have to use only the NTLM authentication.

            So, why my Telnet server does not respond to the Telnet client even with the Login request?

            Thanks

            Bye
            Have you tried logging in manually rather than using a script??

            It appears to me looking at the script that you are opening 3 telnet sessions.

            Comment


            • #7
              Re: Create a Telnet connection with the NTLM authentication

              Originally posted by wullieb1 View Post
              Have you tried logging in manually rather than using a script??

              It appears to me looking at the script that you are opening 3 telnet sessions.
              If I write:

              Code:
              telnet Pippo /p Port_number
              this message:

              Code:
              Microsoft Telnet Client
              The escape character is 'Ctrl ++'
              You are sending information to a remote computer in the Internet Zone. This may not be secure. Send it anyway? (y/n) y
              Telnet server could not log you in using NTLM authentication.
              Your password may have expired.
              Login using username and password
              
              Telnet Server is configured to use NTLM authentication only.
              Contact your administrator to enable username/password authentication.
              Telnet Server has closed the connection
              Connection to host lost.
              is displayed.

              My Telnet server configuration is:

              Code:
              C:\Windows\system32>tlntadmn
              
              Alt key associated with 'CTRL+A'               : YES
              Idle Session Timeout                           : 30 minutes 0 seconds
              Max. connections                               : 5
              Telnet port                                    : 23
              Maximum number of failed login attempts        : 3
              End Task to disconnect                         : YES
              Operation mode                                 : Console
              Authentication Mechanism                       : NTLM
              Domain Defaults                                : Pippo
              Status                                         : Running
              
              C:\Windows\system32>
              So, how come I have these access problems?

              Thanks

              Bye
              Last edited by balubeto; 23rd April 2013, 18:00.
              balubeto

              Comment


              • #8
                Re: Create a Telnet connection with the NTLM authentication

                Code:
                telnet Pippo /p Port_number
                Why are you doing this??

                Your connecting to Telnet on the default port, 23 which you don't need.

                What is the /p yuou are using?? According to my client its not a switch

                Code:
                C:\Users\William>telnet /?
                
                telnet [-a][-e escape char][-f log file][-l user][-t term][host [port]]
                 -a      Attempt automatic logon. Same as -l option except uses
                         the currently logged on user's name.
                 -e      Escape character to enter telnet client prompt.
                 -f      File name for client side logging
                 -l      Specifies the user name to log in with on the remote system.
                         Requires that the remote system support the TELNET ENVIRON option.
                 -t      Specifies terminal type.
                         Supported term types are vt100, vt52, ansi and vtnt only.
                 host    Specifies the hostname or IP address of the remote computer
                         to connect to.
                 port    Specifies a port number or service name.
                
                C:\Users\William>
                So in my opinion your commands should be

                Code:
                telnet Pippo -a
                (Automatic logon using current logon credentials)

                or

                Code:
                telnet Pippo - l username

                Comment


                • #9
                  Re: Create a Telnet connection with the NTLM authentication

                  Originally posted by wullieb1 View Post
                  Code:
                  telnet Pippo /p Port_number
                  Why are you doing this??

                  Your connecting to Telnet on the default port, 23 which you don't need.

                  What is the /p yuou are using?? According to my client its not a switch

                  Code:
                  C:\Users\William>telnet /?
                   
                  telnet [-a][-e escape char][-f log file][-l user][-t term][host [port]]
                   -a      Attempt automatic logon. Same as -l option except uses
                           the currently logged on user's name.
                   -e      Escape character to enter telnet client prompt.
                   -f      File name for client side logging
                   -l      Specifies the user name to log in with on the remote system.
                           Requires that the remote system support the TELNET ENVIRON option.
                   -t      Specifies terminal type.
                           Supported term types are vt100, vt52, ansi and vtnt only.
                   host    Specifies the hostname or IP address of the remote computer
                           to connect to.
                   port    Specifies a port number or service name.
                   
                  C:\Users\William>
                  So in my opinion your commands should be

                  Code:
                  telnet Pippo -a
                  (Automatic logon using current logon credentials)

                  or

                  Code:
                  telnet Pippo - l username
                  Since the two accounts have different credentials, I wrote:

                  Code:
                  telnet Pippo - l <username>
                  but the error, which is displayed, is always the same. How come? From the command line, it is also possible to put my password? If so, how do I do this?

                  Thanks

                  Bye
                  Last edited by balubeto; 25th April 2013, 15:58.
                  balubeto

                  Comment


                  • #10
                    Re: Create a Telnet connection with the NTLM authentication

                    Originally posted by balubeto View Post
                    Since the two accounts have different credentials, I wrote:

                    Code:
                    telnet Pippo - l <username>
                    but the error, which is displayed, is always the same. How come? From the command line, it is also possible to put my password? If so, how do I do this?

                    Thanks

                    Bye
                    You really don't do much research do you!!!!!

                    Try enabling NTLM on the XP client machine

                    http://www.microsoft.com/resources/d....mspx?mfr=true

                    http://technet.microsoft.com/en-us/l...(v=ws.10).aspx

                    to do that I would do this

                    telnet then press enter
                    unset ntlm then press enter
                    open pippo then press enter

                    That should then prompt for your username and password which you can enter.

                    Comment


                    • #11
                      Re: Create a Telnet connection with the NTLM authentication

                      Originally posted by wullieb1 View Post
                      You really don't do much research do you!!!!!

                      Try enabling NTLM on the XP client machine

                      http://www.microsoft.com/resources/d....mspx?mfr=true

                      http://technet.microsoft.com/en-us/l...(v=ws.10).aspx

                      to do that I would do this

                      telnet then press enter
                      unset ntlm then press enter
                      open pippo then press enter

                      That should then prompt for your username and password which you can enter.
                      I tried to write it:

                      Code:
                      Microsoft Telnet Client
                      Il carattere di Escape  'CTRL++'
                      Microsoft Telnet> unset ntlm
                      Won't auth (ntlm authentication)
                      Microsoft Telnet> open Pippo
                      Connessione a Pippo...
                      Microsoft Telnet>
                      but it does not work because the usual error appears. How come?

                      Thanks

                      Bye
                      balubeto

                      Comment


                      • #12
                        Re: Create a Telnet connection with the NTLM authentication

                        Originally posted by balubeto View Post
                        I tried to write it:

                        Code:
                        Microsoft Telnet Client
                        Il carattere di Escape  'CTRL++'
                        Microsoft Telnet> unset ntlm
                        Won't auth (ntlm authentication)
                        Microsoft Telnet> open Pippo
                        Connessione a Pippo...
                        Microsoft Telnet>
                        but it does not work because the usual error appears. How come?

                        Thanks

                        Bye
                        I have installed a Windows XP machine as the client and a Windows 7 Machine as the server.

                        On checking both systems I found the following settings in place.

                        Windows XP

                        Microsoft Telnet> d
                        Escape Character is 'CTRL+]'
                        Will auth(NTLM Authentication)
                        Local echo off
                        New line mode - Causes return key to send CR & LF
                        Current mode: Console
                        Will term type
                        Preferred term type is ANSI
                        Microsoft Telnet>
                        Windows 7

                        C:\Windows\system32>tlntadmn


                        The following are the settings on localhost

                        Alt Key Mapped to 'CTRL+A' : YES
                        Idle session timeout : 1 hours
                        Max connections : 2
                        Telnet port : 23
                        Max failed login attempts : 3
                        End tasks on disconnect : YES
                        Mode of Operation : Console
                        Authentication Mechanism : NTLM
                        Default Domain : TEST
                        State : Running

                        C:\Windows\system32>
                        When I connect from the XP client to the Win 7 machine I get the NO error when using the same username and password.

                        When using the following details telnet 192.168.100.100 -l tester I also get logged on successfully.

                        Telnet 1 shows the immediate dialogue box after I connect. Here I select y then press enter

                        Telnet 2 shows the active connection.

                        Telnet 3 shows a dir on the telnet server (Windows 7)
                        Attached Files

                        Comment


                        • #13
                          Re: Create a Telnet connection with the NTLM authentication

                          Originally posted by wullieb1 View Post
                          I have installed a Windows XP machine as the client and a Windows 7 Machine as the server.

                          On checking both systems I found the following settings in place.

                          Windows XP



                          Windows 7



                          When I connect from the XP client to the Win 7 machine I get the NO error when using the same username and password.

                          When using the following details telnet 192.168.100.100 -l tester I also get logged on successfully.

                          Telnet 1 shows the immediate dialogue box after I connect. Here I select y then press enter

                          Telnet 2 shows the active connection.

                          Telnet 3 shows a dir on the telnet server (Windows 7)
                          The configuration of the Telnet client in an Administrators account of XP is:

                          Code:
                          The escape character is 'Ctrl++'
                          Microsoft Telnet> d
                          The escape character is 'Ctrl++'
                          Will auth (NTLM authentification)
                          Local echo off
                          &New line mode - The ENTER key sends CR, LF
                          Current Modem: Console
                          Negotiate the terminal type
                          Preferred terminal type: ANSI
                          Microsoft Telnet>
                          While, its configuration in an Users account of XP is:

                          Code:
                          The escape character is 'Ctrl + +'
                          Microsoft Telnet> d
                          The escape character is 'Ctrl + +'
                          Will not auth (NTLM authentification)
                          Local echo off
                          & New line mode - The ENTER key sends CR, LF
                          Current Modem: Console
                          Negotiate the terminal type
                          Preferred terminal type: ANSI
                          Microsoft Telnet>
                          Now, writing in the first account:

                          Code:
                          telnet Pippo -l <username>
                          I connect to Pippo but I find the shell of the administrator account and not that of the username specified. How come?

                          So, how do I properly configure this Telnet client for all users of XP?

                          Thanks

                          Bye
                          Last edited by balubeto; 29th April 2013, 09:45.
                          balubeto

                          Comment


                          • #14
                            Re: Create a Telnet connection with the NTLM authentication

                            Can you tell us what you are trying to do as there may be a better solution than Telnet?

                            (Yes, we know you are trying to telnet in using NTLM authentication, but what are you wanting to do once you have telnetted?)
                            Tom Jones
                            MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                            PhD, MSc, FIAP, MIITT
                            IT Trainer / Consultant
                            Ossian Ltd
                            Scotland

                            ** Remember to give credit where credit is due and leave reputation points where appropriate **

                            Comment


                            • #15
                              Re: Create a Telnet connection with the NTLM authentication

                              Originally posted by balubeto View Post
                              The configuration of the Telnet client in an Administrators account of XP is:

                              Code:
                              The escape character is 'Ctrl++'
                              Microsoft Telnet> d
                              The escape character is 'Ctrl++'
                              Will auth (NTLM authentification)
                              Local echo off
                              &New line mode - The ENTER key sends CR, LF
                              Current Modem: Console
                              Negotiate the terminal type
                              Preferred terminal type: ANSI
                              Microsoft Telnet>
                              While, its configuration in an Users account of XP is:

                              Code:
                              The escape character is 'Ctrl + +'
                              Microsoft Telnet> d
                              The escape character is 'Ctrl + +'
                              Will not auth (NTLM authentification)
                              Local echo off
                              & New line mode - The ENTER key sends CR, LF
                              Current Modem: Console
                              Negotiate the terminal type
                              Preferred terminal type: ANSI
                              Microsoft Telnet>
                              Now, writing in the first account:

                              Code:
                              telnet Pippo -l <username>
                              I connect to Pippo but I find the shell of the administrator account and not that of the username specified. How come?

                              So, how do I properly configure this Telnet client for all users of XP?

                              Thanks

                              Bye
                              You can't. At least I can't find anything in the documentation that I've read.

                              ***RANT ON***

                              BTW I'm not willing to help anymore as I find that you are wanting us to do your job for you rather than you doing your own job. IMO this is embarrassing for you and if your employed by an organisation embarrassing for them as well. If you were my employee I would sack you.

                              Its taken you almost 25 days to get a connection to a Telnet server operational, I had built 2 PC's and had a working connection in less than 3 hours from start to finish.

                              The input you have to your own questions is abysmal. You have never once confirmed what you have tried or what you are doing to get this working. We have no feedback from you with regards to any of the information that we have provided.

                              ***RANT OFF***

                              Comment

                              Working...
                              X