Remote Access Server (RAS) PPP MD5-Challenge Handshake Authentication Protocol (CHAP) Authenticator Support

• Microsoft Windows NT Server versions 4.0 SP3, 4.0 SP4
• Microsoft Windows NT Workstation versions 4.0 SP3, 4.0 SP4

SUMMARY

Windows NT 4.0 Service Pack 3 and Service Pack 4 provide limited PPP MD5- CHAP authenticator support to the Remote Access Server (RAS), which may be useful for small user-count environments using non-Microsoft PPP dial-in clients. The support is local to a given RAS server. The MD5 account information is stored in the RAS server registry and is not integrated or synchronized with the User Manager account database. Integrated support will appear in a later release, at which time this limited support may be removed.

MORE INFORMATION

The local MD5-CHAP authenticator is enabled by creating the MD5 key below and adding "account" subkeys of the form [<domain>:]<user>, with subvalue "Pw" containing the account password. The ":" notation is used instead of "\" due to the syntax rules of registry keys. The 'domain:' is optional and typically omitted. MD5-CHAP will not be negotiated (old behavior) when the MD5 key does not exist (default).

HKLM\SYSTEM\CurrentControlSet\Services\RasMan\PPP\CHAP\MD5
[<domain>:]<user>(REG_SZ)Pw

Additional query words: 4.00 sp4 sp3

Keywords          : NT4SP4Fea 
Version           : WinNT:4.0
Platform          : winnt 
Issue type        : kbinfo 

Last Reviewed: February 8, 1999