1 Reply Latest reply on Oct 4, 2013 6:45 AM by amart

    Customizing NTLM Negotiation adequate to Microsoft Group Policies

    Troja

      Today i have a problem when NTLM Settings are set in a wrong way at a customer. The settings are done by Microsoft Group Policy. With some settings MWG is not able to authenticate clients using NTLM.

      Note: Kerberos is not possible

       

      Client: NTLM is set by group policies to use NTLM Negotiation (Send LM & NTLM - use NTLMv2 session security if negotiated)

      Domain Controler: NTLM is set by group policies to use NTLMv2 only (Send NTLMv2 response only. Refuse LM & NTLM)

       

      I know this settings is done wrong by the customer so NTLM cannot work.

       

      A workaround could be to setup MWG to negotiate NTLMv2 with the client and only using NTLMv2 with the domain controler.

       

      Has anyone an idea if this can be done on MWG??

       

      Cheers,

      Thorsten