Showing results for 
Search instead for 
Did you mean: 

NTLM Authentication Breaks

I have a sporadic issue, wherein NTLM authentication simply just stops working.  I currently have 2 domain controllers with the NTLM agent loaded, and the IP addresses of those dc's in the WG7 auth server list.  When authentication stops working, the following steps seems to resolve.

1. removing all but 1 of the dc's in the auth server list on the WG - doesn't matter what one is removed or left in the list.

2. restarting the NTLM agent service.

3. this last time I had to restart the entire appliance.

When authentication is broken, I attempt to test authentication from the WG and receive the following:

Error:Overall Status "STATUS_ERROR":generic error Node "44454C4C-4700-1044-805A-C3C04F444E31" reports STATUS_ERROR_BAD_RESPONSE:co_distribute_admin_authenticate: while reading response - last action: first read

Any help or insight would be greatly appreciated.


Message was edited by: importminded on 2/3/11 10:15:09 AM CST
3 Replies
McAfee Employee jscholte
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: NTLM Authentication Breaks

This could be related to

Give it a read and let us know if that resolves it.


Re: NTLM Authentication Breaks

Thanks Jon.  This was the issue.  The release from McAfee came out long after the problem started showing itself.  Caused quite a headache for our company with authentication breaking for everyone.  At least it's fixed now.

I do have to ask, you or anyone, how can an update to the GTI Category Web Reputation break NTLM authentication, when the two realms seem completely unrelated???



Re: NTLM Authentication Breaks

It has to do with the OpenSSL package that's a componenet needed for both. It's used to communicate back to the cloud by the SDK and also to communicate with an NTLM agent or LDAPS server.

More McAfee Tools to Help You
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • Visit: Business Service Portal
  • More: Search Knowledge Articles
  • ePolicy Orchestrator Support

    • Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center