Showing results for 
Search instead for 
Did you mean: 

NTLM Authentication Breaks

I have a sporadic issue, wherein NTLM authentication simply just stops working.  I currently have 2 domain controllers with the NTLM agent loaded, and the IP addresses of those dc's in the WG7 auth server list.  When authentication stops working, the following steps seems to resolve.

1. removing all but 1 of the dc's in the auth server list on the WG - doesn't matter what one is removed or left in the list.

2. restarting the NTLM agent service.

3. this last time I had to restart the entire appliance.

When authentication is broken, I attempt to test authentication from the WG and receive the following:

ErrorSmiley Surprisedverall Status "STATUS_ERROR":generic error Node "44454C4C-4700-1044-805A-C3C04F444E31" reports STATUS_ERROR_BAD_RESPONSE:co_distribute_admin_authenticate: while reading response - last action: first read

Any help or insight would be greatly appreciated.


Message was edited by: importminded on 2/3/11 10:15:09 AM CST
3 Replies
McAfee Employee jscholte
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: NTLM Authentication Breaks

This could be related to

Give it a read and let us know if that resolves it.


Re: NTLM Authentication Breaks

Thanks Jon.  This was the issue.  The release from McAfee came out long after the problem started showing itself.  Caused quite a headache for our company with authentication breaking for everyone.  At least it's fixed now.

I do have to ask, you or anyone, how can an update to the GTI Category Web Reputation break NTLM authentication, when the two realms seem completely unrelated???



Re: NTLM Authentication Breaks

It has to do with the OpenSSL package that's a componenet needed for both. It's used to communicate back to the cloud by the SDK and also to communicate with an NTLM agent or LDAPS server.

McAfee ePO Support Center Plug-in
Check out the new McAfee ePO Support Center. Simply access the ePO Software Manager and follow the instructions in the Product Guide for the most commonly used utilities, top known issues announcements, search the knowledgebase for product documentation, and server status and statistics – all from within ePO.