New Features and Changes

Support for HP-UX 11i

HP supports AS/U version B.04.06/B.03.06 on HP-UX 11i.

New NTLMv2 Authentication

AS/U version B.04.06/B.03.06 implements the new NTLMv2 authentication. NTLMv2 enhances NTLM by improving authentication and session security. For more information about NTLMv2, read Microsoft Articles Q147706 and Q239869 at www.microsoft.com.

The new NTLMv2 adds the following new parameter to the AS/U registry:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\control\LSA

Value: LMCompatibilityLevel
Value Type: REG_DWORD - Number
Value Range: 0-5
Default: 0
Description: This parameter specifies the type of
authentication to be used.

This new parameter is also available on Windows NT and Windows 9X clients.

	NOTE: The valid registry key on Windows 9X is LMCompatibility. The valid registry key on Windows NT is LMCompatibilityLevel.

The new NTLM 2 registry paramater defaults to 0, however, you can set it to level 0 - 5.

Level 0
Send LM and NTLM response; never use NTLM 2 session security. Clients use LM and NTLM authentication, and never use NTLM 2 session security; domain controllers accept LM, NTLM, and NTLM 2 authentication.

Level 1
Use NTLM 2 session security if negotiated. Clients use LM and NTLM authentication, and use NTLM 2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLM 2 authentication.

Level 2
Send NTLM response only. Clients use only NTLM authentication, and use NTLM 2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLM 2 authentication.

Level 3
Send NTLM 2 response only. Clients use NTLM 2 authentication, and use NTLM 2 session security if the server supports it; domain contollers accept LM, NTLM, and NTLM 2 authentication.

Level 4
Domain controllers refuse LM responses. Clients use NTLM 2 authentication, and use NTLM 2 session security if the server supports it; domain controllers accept NTLM and NTLM 2. Domain controllers refuse LM authentication.

Level 5
Domain controllers refuse LM and NTLM responses, except for NTLM 2. Clients use NTLM 2 authentication, use NTLM 2 session security if the server supports it; domain controllers only accept NTLM 2. Domain controllers refuse NTLM and LM authentication.

File Change Notification

HP implemented File Change Notification for AS/U shares in AS/U version B.04.06/B.03.06. For example, if an NT client has an open File Manager window that displays an AS/U share folder, AS/U automatically updates the open window when any changes are made to that folder.

File Change Notification does not constantly poll AS/U share trees for changes because doing so will slow performance. Instead, File Change Notification notifies all clients watching the tree of any changes after a client completes a change.

	NOTE: File Change Notification does not automatically report changes made on the Unix side because polling of Unix directories is unavailable.

File Change Notification adds the following new parameter to the AS/U registry:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AdvancedServer\FileServiceParameters
Value: FileChangeNotify
Value Type: REG_DWORD - Number
Valid Range: 0 or 1
Deafult: 1
Description: This parameter enables File Change
Notification on the AS/U server.