Meatball wrote on 2022-02-04, 20:40:
You don't need to downgrade security to allow all of those OSes to communicate with Windows 2000. If you have a desire to increase security, install the Active Directory Client pack for Windows 9x. This will provide NTLMv2 ability. Then you can set 2000 and XP back to NLVMv2 only. If you're keeping this around long term, it's a good idea to eliminate NTLMv1 (and LM) from your environment.
Generally speaking, it is a good idea, but here's the thing.
Windows 9x and Windows XP aren't the only machines that'll be serving as clients. I also have a machine that runs MS-DOS and Windows for Workgroups 3.11, the latter of which has Windows file sharing capabilities that would allow me to access files from servers running that service such as my Win2K server. So, I highly doubt that NTLMv2 is possible in this scenario.
I guess I can suffice for FTP, Telnet, or whatever for WFW 3.11 and think about NTLMv2 for the rest, but the key here is to maintain the convenience of not only accessing my files, but executing them as well. And I don't know of any other solutions than Windows File Sharing that would help me achieve the latter.
Also worth noting is that I might be considering sharing my files to my Macs as well since Windows 2000 Server has an option to enable file sharing for these computers. Although, since it uses the AFP protocol, it is completely separate from Windows File Sharing.
And one important thing too is that the Win2K machine in question is a RETRO Server, which is meant to serve older Windows XP machines and earlier ONLY. So, it's really not meant to do anything as serious as a modern server these days. Now sure, security is a concern and I wish I can push it as far as the server is capable of, but if one of my older machines can't access my server because of a certain protocol that the client cannot understand no matter what and/or the convenience is not there, that's something that I honestly would want to maintain.