Change the rules for mschap auth to allow aux/cifs to interoperate with aquarela (also needs an unrelated patch to aquarela). It is valid to send the same response in both the LM and NTLM fields provided one of them is correct, if neither matches, or the two fields are different and either fails to match, the whole sha-bang fails. This is an improvment in security as it allows clients who wish to do ntlm auth (which is insecure) not to send lm tokens (which is very insecure). Windows servers supports clients doing this also though windows clients don't seem to use the feature. -Steve