none
NT_STATUS_INVALID_PARAMETER RRS feed

  • Question

  • Hi,

    I am writing a pure C implementation for SMB protocol. The Negotiate Request/Response and the Setup And X Request/Response for NTLMv2 message type 1 and 2 works fine. The Type 3 message fails with an Invalid Parameter.

    The packet dump from wireshark seems fine. I have tried with Windows 2012 Server and also with an XP machine but the result in same in both cases. The reason for testing with XP was so that I can set MIC field to null.

    Saturday, August 10, 2013 3:47 PM

Answers

  • Answer

    The STATUS_LOGON_FAILURE was being caused by a erroneous Challenge Response calculation.

    No change in the documentation was necessary to correct this issue.


    SEBASTIAN CANEVARI - MSFT Escalation Engineer Protocol Documentation Team

    Thursday, September 12, 2013 12:18 PM

All replies

  • Hi Nakul,

    Thank you for your question. A member of the Protocol Documentation support team will respond to you soon.

    Regards,
    Vilmos Foltenyi - MSFT

    Saturday, August 10, 2013 8:58 PM
  • Hi Nakul,

    I'll be helping you with this question.

    As soon as I have any answers or requests, I'll let you know.

    Thanks!

    Sebastian


    SEBASTIAN CANEVARI - MSFT Escalation Engineer Protocol Documentation Team

    Sunday, August 11, 2013 2:37 AM
  • Hi Sebastian,

    Thanks for the response.

    I got the MIC field sorted and it gets calculated with the session key as part of the NTLM Type3 message, but still i keep on getting an NT_STATUS_INAVLID_PARAMETER as the result.

    Is there a way that I can get a more descriptive error as to which parameter was wrong or some security log on the windows machine which can guide me?

    Monday, August 12, 2013 3:08 PM
  • Hi Nakul,

    Please send an email to my attention to dochelp@microsoft.com

    I will request some traces from you and will ask you a couple questions that I have in mind.

    Once we get to the answer for your inquiry, I will post the relevant information here so it's available for others future reference.

    Thanks!

    Sebastian


    SEBASTIAN CANEVARI - MSFT Escalation Engineer Protocol Documentation Team

    Monday, August 12, 2013 6:25 PM
  • Hi Sebastian,

    Thanks for the answer, I have managed to get past the Invalid Parameter issue. The problem was that I was not copying the User ID being sent in the SMB Header for the NTLM Type 2 message to my NTLM Type 3 request message.

    Fixing the user ID fixed that issue. The response coming back now is the STATUS_LOGON_FAILURE.

    What fields and other things I should check to fix this problem. Also I am not sure if I am calculating the MIC correctly.

    As per the documentation the MIC is calculated as hmac_md5(ExportedSessionKey, ConcatenationOf(Negotiate_Message,Challenge_Message,Authenticate_Message))

    What is the ExportedSessionKey in this calculation. I have taken the packet dump and if needed can send it to the required email.

    Tuesday, August 13, 2013 5:54 AM
  • Hi Nakul,

    Have you looked at [MS-NLMP]?

    You can find the latest version here: http://msdn.microsoft.com/en-us/library/cc236621.aspx

    Please let me know if you still have questions after reading the details there. Specially sections:

    3.1.5.1.2

    3.2.5.1.2

    Thanks!


    SEBASTIAN CANEVARI - MSFT Escalation Engineer Protocol Documentation Team

    Tuesday, August 13, 2013 5:46 PM
  • Hi Sebastian,

    Thanks for the response. Yes, I have been checking the documentation as well. Just checking my code for conversion of password encoding change and the hmac_md5 implementation to make sure that one is working fine.

    Will keep you posted with any new changes/updates.

    Regards,

    Nakul

    Wednesday, August 14, 2013 4:41 AM
  • Hi Nakul,

    STATUS_LOGON_FAILURE could be very well related to a bad password hash.

    If you need help with that please send an email to my attention to dochelp@microsoft.com so I can request some information and logs from you.

    Thanks and regards,

    Sebastian


    SEBASTIAN CANEVARI - MSFT Escalation Engineer Protocol Documentation Team

    Wednesday, August 14, 2013 4:54 PM
  • FYI

    We are working with Nakul offline.

    As soon as the answer is provided, a summary will be posted here.

    Thanks!

    Sebastian


    SEBASTIAN CANEVARI - MSFT Escalation Engineer Protocol Documentation Team

    Monday, August 26, 2013 8:05 PM
  • We are still working with Nakul offline, I'll update as soon as we have a resolution.

    Thanks!

    Sebastian


    SEBASTIAN CANEVARI - MSFT Escalation Engineer Protocol Documentation Team

    Wednesday, September 4, 2013 9:00 PM
  • Answer

    The STATUS_LOGON_FAILURE was being caused by a erroneous Challenge Response calculation.

    No change in the documentation was necessary to correct this issue.


    SEBASTIAN CANEVARI - MSFT Escalation Engineer Protocol Documentation Team

    Thursday, September 12, 2013 12:18 PM