The NTLM scripts were tied too closely with SMB and that accidentally resulted in some behaviors that weren't accurate (sometimes identifying the success of login attempts incorrectly). This branch fixes that behavior.
It also adds some other information to the log that the server provides to clients in the initial challenge message it sends.
The end result is that there are many cases before where ntlm activity wouldn't be logged into the ntlm.log at all (no log entry) but now there is something logged there so that you can see if a host is attempting to login over and over.
Looks like this just never got switched to a merge request, so I went ahead and merged it.