MS Windows XP Home does not have facilities to become a domain member, and it cannot participate in domain logons.
The following versions of MS Windows fully support domain security protocols.
All current releases of Microsoft SMB/CIFS clients support authentication via the
SMB challenge/response mechanism described here. Enabling clear-text authentication
does not disable the ability of the client to participate in encrypted authentication.
Instead, it allows the client to negotiate either plaintext or encrypted password
MS Windows clients will cache the encrypted password alone. Where plaintext passwords
are re-enabled through the appropriate registry change, the plaintext password is never
cached. This means that in the event that a network connections should become disconnected
(broken), only the cached (encrypted) password will be sent to the resource server to
effect an auto-reconnect. If the resource server does not support encrypted passwords, the
auto-reconnect will fail. Use of encrypted passwords is strongly advised.
Advantages of Encrypted Passwords
Plaintext passwords are not passed across the network. Someone using a network sniffer
cannot just record passwords going to the SMB server.
Plaintext passwords are not stored anywhere in memory or on disk.
Windows NT does not like talking to a server that does not support encrypted passwords. It will refuse to
browse the server if the server is also in user-level security mode. It will insist on prompting the user for
the password on each connection, which is very annoying. The only thing you can do to stop this is to use SMB
Encrypted password support allows automatic share (resource) reconnects.
Encrypted passwords are essential for PDC/BDC operation.
Advantages of Non-Encrypted Passwords
Plaintext passwords are not kept on disk and are not cached in memory.
Plaintext passwords use the same password file as other UNIX services, such as Login and FTP.
Use of other services (such as Telnet and FTP) that send plaintext passwords over
the network makes sending them for SMB not such a big deal.