oh...@cox.net wrote: > So, it seems like the problem is that wget may be doing only NTLM?
The current version of wget only supports NTLM authentication. Specifically, it sends the following flags to the server: NEGOTIATE_OEM (0x00000002) NEGOTIATE_NTLM_KEY (0x00000200) > Does anyone know if wget (latest version) is able to support NTLMV2 (vs. > NTLM)? A year ago, I dug into NTLM authentication and rewrote http-ntlm.c so that it sends (and supports) the following flags: NEGOTIATE_UNICODE (0x00000001) NEGOTIATE_OEM (0x00000002) NEGOTIATE_NTLM_KEY (0x00000200) NEGOTIATE_NTLM2_KEY (0x00080000) My code works with the servers in my work environment. However, I don't have access to a environment where I can tweak the settings in the Active Directory Controller and on the ISS machine so I was not able to thoroughly test wget against the various combinations of settings. Given that, Micah (who was maintainer at the time) wasn't willing to deploy my changes; a decision, with which I agree. Jim, if you have an environment in which you can facilitate testing with all the combinations of settings, we can test my code and then submit it to Giuseppe Scrivano (the current maintainer) for inclusion in a future release. By the way, I think we only need to test against all combinations of settings in a live environment once. If we capture all the exchanges between wget and the server then we can develop wget tests for all futures testing. For anyone who is interested, I have attached my versions of http-ntlm.c and http-ntlm.h, which were last tested against a development version of 1.12. I also had to patch http.c because at some point in time the code got reordered in a way that completely broke NTLM authentication. I know that this code will need some tweaking; in particular the bit to make TOUPPER work on both 1.11.4 and 1.12 is no longer needed. Tony
http.c.patch
Description: Binary data
http-ntlm.c
Description: Binary data
http-ntlm.h
Description: Binary data