NTLM authentication protocol
Hi,
According to the NTLM protocol specification found at http://download.microsoft.com/download/a/e/6/ae6e4142-aa58-45c6-8dcf-a657e5900cd3/%5BMS-NLMP%5D.pdf, when the client does not accept the negotiated flags in the CHALLENGE MESSAGE it MUST return an error code to the calling application. However, when I tap the NIC using Wireshark on my Windows Vista machine, I don't see any such error code being returned.
What I do see is that when using LMCompatibility level 0-1, the negotiation takes place and when the client receives the CHALLENGE MESSAGE it also returns an AUTHENTICATE MESSAGE. However, when setting the LMCompatibility level to 2-5, when the client receives the CHALLENGE MESSAGE, it just sends a new NTLMSSP NEGOTIATE message. This is not how I interpret the protocol should behave, or am I misunderstanding something?
Thanks for quick support.
Best Regards, Lukas
September 22nd, 2010 7:11am
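
Added example, not part of the original post: a small decoder for the NTLMSSP tokens seen in a capture, so the sequence described above (a CHALLENGE answered by a fresh NEGOTIATE) and the flag differences between NEGOTIATE and CHALLENGE can be checked message by message. Field offsets and flag values follow the MS-NLMP message layouts; the function names and the sample tokens are constructed for illustration.

```python
import struct

SIGNATURE = b"NTLMSSP\x00"
TYPES = {1: "NEGOTIATE", 2: "CHALLENGE", 3: "AUTHENTICATE"}
# Byte offset of the 32-bit NegotiateFlags field in each message type.
FLAGS_OFFSET = {1: 12, 2: 20, 3: 60}
FLAGS = {
    0x00000001: "UNICODE", 0x00000002: "OEM",
    0x00000004: "REQUEST_TARGET", 0x00000010: "SIGN",
    0x00000020: "SEAL", 0x00000080: "LM_KEY",
    0x00000200: "NTLM", 0x00008000: "ALWAYS_SIGN",
    0x00080000: "EXTENDED_SESSIONSECURITY", 0x20000000: "128",
    0x40000000: "KEY_EXCH", 0x80000000: "56",
}

def decode(token: bytes):
    """Return (type name, flags value, flag names) for one NTLMSSP token."""
    if len(token) < 12 or token[:8] != SIGNATURE:
        raise ValueError("not an NTLMSSP token")
    (mtype,) = struct.unpack_from("<I", token, 8)
    if mtype not in TYPES:
        raise ValueError(f"unknown MessageType {mtype}")
    off = FLAGS_OFFSET[mtype]
    if len(token) < off + 4:
        raise ValueError("token truncated before NegotiateFlags")
    (flags,) = struct.unpack_from("<I", token, off)
    return TYPES[mtype], flags, [n for b, n in FLAGS.items() if flags & b]

def restarts(tokens):
    """Positions where a CHALLENGE is followed by NEGOTIATE, not AUTHENTICATE."""
    kinds = [decode(t)[0] for t in tokens]
    return [i + 1 for i in range(len(kinds) - 1)
            if kinds[i] == "CHALLENGE" and kinds[i + 1] == "NEGOTIATE"]

def dropped(negotiate: bytes, challenge: bytes):
    """Flags offered in NEGOTIATE that are absent from the CHALLENGE."""
    lost = decode(negotiate)[1] & ~decode(challenge)[1]
    return [n for b, n in FLAGS.items() if lost & b]

# Constructed sample tokens (fixed-size headers only, payload fields zeroed).
NEG = SIGNATURE + struct.pack("<II", 1, 0x00088207)
CHAL = (SIGNATURE + struct.pack("<I", 2) + bytes(8)
        + struct.pack("<I", 0x00008205) + bytes(8))
```

Feed it the raw token bytes in capture order (for HTTP, the base64-decoded value after `NTLM ` in the authentication headers); `restarts` reports where the handshake starts over and `dropped` shows which offered flags the server's CHALLENGE left out.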