Celerra Response to Microsoft Security Bulletin MS04-011.

Page 1 of 2

"Celerra Response to Microsoft Security Bulletin MS04-011."
ID: Domain: Usage Count: Class: Conflicts: emc85270 GS Primus Database 34 3.X Compatibility 0 Status: Audience: Owner: Product: Author: Date Created: Modified By: Date Modified: Shared: RCA Status: RCA Cause: Review Frequency: ETA: Bug Tracking Number: NGOE Product/Version: Approved Customer CORP\cadorj (Cadorette, John - E 11/20/00) Celerra File Server, Celerra Network Server CORP\cadorj (Cadorette, John - E 11/20/00) 4/19/2004 CORP\ercolp (Ercolani, Pam - E 8/21/00) 1/19/2010 Yes Not Required None Medium None None None

Celerra Response to Microsoft Security Bulletin MS04-011.

Product: Celerra File Server (CFS) Product: CLARiiON CX600 OS: Microsoft Windows 2000 OS: Microsoft Windows XP Protocol: Common Internet File System (CIFS) EMC SW: NAS Code EMC SW: NAS Code 4.1.xx.x EMC SW: NAS Code 4.0.xx.x EMC SW: NAS Code 5.2.x EMC SW: NAS Code 4.x EMC SW: NAS Code 5.x

SASSER WORM Virus. There may be System event errors: 3034 (MRxSmb "The redirector was unable to initialize security context or query context attributes.") in Windows System Event Log.

After applying security patch lost access to Celerra. The local Security Policies were changed to use NTLM V2 only.

Celerra DART does not provide native NTLMv2 support until NAS 5.3.17.x, NAS 5.4 and higher. Additionally, NAS versions,, and can provide session/passwd NTLMv2 responses to DC's. Prior to these versions, a 'logoff' request would be returned to the Celerra when it tries to negotiate with anything other than NTLM V2.

On the Windows Client set the policy to use NTLM instead of NTLMV2 [or in Domain Security Policy]: \Start\Programs\Administrative Tools\Local Security Policy\Settings\Security Options\LAN Manager

mhtml:file://D:\EMC\January 2011\Cases\Celerra support for NTLMv2 authentication.... 5/24/2011

Note Also see emc84880 CERT Technical Cyber Security Alert TA04104A emc84880 CERT Technical Cyber Security Alert TA04-104A See this solution for related information: emc94062. See AR44353 and AR41591 for more information on patch development to address the issues brought forth with the application of MS04-011 in Windows environments that contain Celerra Servers.msc" or Programs>Administrative Tools>Local Security Policy.." to "Send LM & NTLM responses" NOTE: If this is set somewhere else. 3. such as in the Registry or Domain Policy. Expand to "Local Policies" and select the "Security Options" container. the Server can forward to the DC for authentication..evt SCECli event indicating the policy refresh. 2. 6. it needs to be changed there as well. SLS Support mhtml:file://D:\EMC\January 2011\Cases\Celerra support for NTLMv2 authentication. Start>Run: "Secpol.. Page 2 of 2 Authentication Level and set to NTLM Allow the machine to negotiate both NTLM and NTLMv2: 1.. Edit the "LAN Manager Authentication Level" value as follows: Change from "Send NTLMv2. 5/24/2011 . Open a command prompt and type: "secedit /refreshpolicy machine_policy /enforce" (Windows 2000) -or"gpupdate /force" (Windows XP/2003) Wait for the App.. Celerra now supports the password length of NTLMV2 if a client uses such a password. Test & Verify 4. 5.Celerra Response to Microsoft Security Bulletin MS04-011.

Sign up to vote on this title
UsefulNot useful