3.1.5.1.1 Client Initiates the NEGOTIATE_MESSAGE
When the client application initiates the exchange through SSPI, the NTLM client sends the NEGOTIATE_MESSAGE (section 2.2.1.1) to the server. The message is embedded in an application protocol message and encoded according to that application protocol.
If ClientBlocked == TRUE and targ_name ([RFC2743] section 2.2.1) does not equal any of the ClientBlockExceptions server names, then the NTLM client MUST return STATUS_NOT_SUPPORTED ([MS-ERREF] section 2.3.1) to the client application.<46>
The client prepares a NEGOTIATE_MESSAGE and sets the following fields:
The Signature field is set to the string "NTLMSSP".
The MessageType field is set to NtLmNegotiate.
The client sets the following configuration flags in the NegotiateFlags field of the NEGOTIATE_MESSAGE:
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_UNICODE
If LM authentication is not being used, then the client sets the following configuration flag in the NegotiateFlags field of the NEGOTIATE_MESSAGE:
NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
The client also sets, in the NegotiateFlags field, any flags specified by the application, in addition to the initialized flags listed above.
If the NTLMSSP_NEGOTIATE_VERSION flag is set by the client application, the Version field MUST be set to the current version (section 2.2.2.10), the DomainName field MUST be set to a zero-length string, and the Workstation field MUST be set to a zero-length string. If the NTLMSSP_NEGOTIATE_VERSION flag is not set by the client application, the Version field MUST be set to all-zero.
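The steps above, as an added example that is not part of the specification text: a builder that assembles the NEGOTIATE_MESSAGE and a checker that reports where a captured message deviates from this section's rules. The function names, the sample version (10, 0, 19045) and the exact-match handling of ClientBlockExceptions are assumptions of this example; the flag values and 40-byte header layout are taken from sections 2.2.1.1 and 2.2.2.5.

```python
import struct

# Flag values and field layout come from MS-NLMP sections 2.2.1.1 and 2.2.2.5.
UNICODE, REQUEST_TARGET, NTLM = 0x00000001, 0x00000004, 0x00000200
ALWAYS_SIGN, EXTENDED_SESSIONSECURITY = 0x00008000, 0x00080000
VERSION = 0x02000000
BASE_FLAGS = REQUEST_TARGET | NTLM | ALWAYS_SIGN | UNICODE
NT_LM_NEGOTIATE = 0x00000001
STATUS_NOT_SUPPORTED = 0xC00000BB
HEADER_LEN = 40  # signature 8 + type 4 + flags 4 + two 8-byte descriptors + version 8


def build_negotiate(app_flags=0, use_lm=False, version=(10, 0, 19045),
                    client_blocked=False, targ_name="", block_exceptions=()):
    """Build NEGOTIATE_MESSAGE bytes following the steps in this section."""
    # Assumption: exact string comparison against the exception list.
    if client_blocked and targ_name not in block_exceptions:
        raise PermissionError(f"STATUS_NOT_SUPPORTED 0x{STATUS_NOT_SUPPORTED:08X}")
    flags = BASE_FLAGS | app_flags
    if not use_lm:
        flags |= EXTENDED_SESSIONSECURITY
    if flags & VERSION:
        # major, minor, build, 3 reserved bytes, NTLM revision 0x0F (constructed sample)
        ver = struct.pack("<BBH3xB", *version, 0x0F)
    else:
        ver = bytes(8)  # Version MUST be all-zero
    empty = struct.pack("<HHI", 0, 0, HEADER_LEN)  # zero-length DomainName/Workstation
    return b"NTLMSSP\0" + struct.pack("<II", NT_LM_NEGOTIATE, flags) + empty + empty + ver


def check_negotiate(msg):
    """Return deviations from this section's rules; an empty list means none found."""
    if len(msg) < HEADER_LEN or msg[:8] != b"NTLMSSP\0":
        return ["bad signature or truncated message"]
    mtype, flags, dlen, _, _, wlen, _, _ = struct.unpack_from("<IIHHIHHI", msg, 8)
    ver, issues = msg[32:40], []
    if mtype != NT_LM_NEGOTIATE:
        issues.append("MessageType is not NtLmNegotiate")
    if (flags & BASE_FLAGS) != BASE_FLAGS:
        issues.append("required base flags missing")
    if not flags & EXTENDED_SESSIONSECURITY:
        issues.append("no EXTENDED_SESSIONSECURITY: client may be using LM")
    if flags & VERSION and (dlen or wlen or not any(ver)):
        issues.append("VERSION set but names non-empty or Version all-zero")
    if not flags & VERSION and any(ver):
        issues.append("VERSION not set but Version field is non-zero")
    return issues
```

A message built with use_lm=True is reported by check_negotiate because it lacks NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY, which is the condition to look for when auditing for clients that still permit LM authentication.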