diff --git a/libfreerdp/core/ntlm.c b/libfreerdp/core/ntlm.c
index a809dce80..a8e215ddd 100644
--- a/libfreerdp/core/ntlm.c
+++ b/libfreerdp/core/ntlm.c
@@ -131,6 +131,12 @@ BOOL ntlm_client_make_spn(rdpNtlm* ntlm, LPCTSTR ServiceClass, char* hostname)
 	hostnameX = hostname;
 #endif
 
+	if (!ServiceClass)
+	{
+		ntlm->ServicePrincipalName = (LPTSTR) _tcsdup(hostnameX);
+		return TRUE;
+	}
+
 	SpnLength = 0;
 	status = DsMakeSpn(ServiceClass, hostnameX, NULL, 0, NULL, &SpnLength, NULL);
 
diff --git a/libfreerdp/core/rpc.c b/libfreerdp/core/rpc.c
index 892938a91..154d56d13 100644
--- a/libfreerdp/core/rpc.c
+++ b/libfreerdp/core/rpc.c
@@ -317,13 +317,17 @@ BOOL rpc_ntlm_http_out_connect(rdpRpc* rpc)
 	{
 		ntlm_client_init(ntlm, TRUE, settings->Username,
 			settings->Domain, settings->Password);
-		ntlm_client_make_spn(ntlm, _T("HTTP"), settings->GatewayHostname);
+
+		ntlm_client_make_spn(ntlm, NULL, settings->GatewayHostname);
+		//ntlm_client_make_spn(ntlm, _T("HTTP"), settings->GatewayHostname);
 	}
 	else
 	{
 		ntlm_client_init(ntlm, TRUE, settings->GatewayUsername,
 			settings->GatewayDomain, settings->GatewayPassword);
-		ntlm_client_make_spn(ntlm, _T("HTTP"), settings->GatewayHostname);
+
+		ntlm_client_make_spn(ntlm, NULL, settings->GatewayHostname);
+		//ntlm_client_make_spn(ntlm, _T("HTTP"), settings->GatewayHostname);
 	}
 
 	ntlm_authenticate(ntlm);
@@ -380,13 +384,17 @@ BOOL rpc_ntlm_http_in_connect(rdpRpc* rpc)
 	{
 		ntlm_client_init(ntlm, TRUE, settings->Username,
 			settings->Domain, settings->Password);
-		ntlm_client_make_spn(ntlm, _T("HTTP"), settings->GatewayHostname);
+
+		ntlm_client_make_spn(ntlm, NULL, settings->GatewayHostname);
+		//ntlm_client_make_spn(ntlm, _T("HTTP"), settings->GatewayHostname);
 	}
 	else
 	{
 		ntlm_client_init(ntlm, TRUE, settings->GatewayUsername,
 			settings->GatewayDomain, settings->GatewayPassword);
-		ntlm_client_make_spn(ntlm, _T("HTTP"), settings->GatewayHostname);
+
+		ntlm_client_make_spn(ntlm, NULL, settings->GatewayHostname);
+		//ntlm_client_make_spn(ntlm, _T("HTTP"), settings->GatewayHostname);
 	}
 
 	ntlm_authenticate(ntlm);
diff --git a/winpr/libwinpr/sspi/NTLM/ntlm_message.c b/winpr/libwinpr/sspi/NTLM/ntlm_message.c
index 8fb0ec0d8..eee8c49b4 100644
--- a/winpr/libwinpr/sspi/NTLM/ntlm_message.c
+++ b/winpr/libwinpr/sspi/NTLM/ntlm_message.c
@@ -937,6 +937,9 @@ SECURITY_STATUS ntlm_write_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
 	message.LmChallengeResponse.Len = (UINT16) context->LmChallengeResponse.cbBuffer;
 	message.LmChallengeResponse.Buffer = (BYTE*) context->LmChallengeResponse.pvBuffer;
 
+	if (context->NTLMv2)
+		ZeroMemory(message.LmChallengeResponse.Buffer, message.LmChallengeResponse.Len);
+
 	message.NtChallengeResponse.Len = (UINT16) context->NtChallengeResponse.cbBuffer;
 	message.NtChallengeResponse.Buffer = (BYTE*) context->NtChallengeResponse.pvBuffer;