Hi,
I need your help to understand the NTLM authentication level. I am quite confused with NTLM authentication levels.
For Example,
In Scenario 1, If my Client machine ClientA has following setting configured.
Send NTLM response only - Client devices use NTLMv1 authentication, and they use NTLMv2 session security if the server supports it. Domain controllers accept LM, NTLM, and NTLMv2 authentication.
And this ClientA try to access MemberServerA & We have DC1 and on MemberServerA and DC1 we have following NTLM setting configured.
Send NTLMv2 response only. Refuse LM - Client devices use NTLMv2 authentication, and they use NTLMv2 session security if the server supports it. Domain controllers refuse to accept LM authentication, and they'll accept only NTLM and NTLMv2 authentication.
Then what will happen? how NTLM authentication will be performed in this scenario 1.
Now In Scenario 2, If my Client machine ClientA has following setting configured.
Send NTLM response only - Client devices use NTLMv1 authentication, and they use NTLMv2 session security if the server supports it. Domain controllers accept LM, NTLM, and NTLMv2 authentication.
And this ClientA try to access MemberServerA & We have DC1 and on MemberServerA and DC1 we have following NTLM setting configured.
Send NTLMv2 response only. Refuse LM & NTLM - Client devices use NTLMv2 authentication, and they use NTLMv2 session security if the server supports it. Domain controllers refuse to accept LM and NTLM authentication, and they'll accept only NTLMv2 authentication.
Then what will happen? how NTLM authentication will be performed in this scenario 2.
We have configured Client, Server and DC with following setting but still I can see in the logs that Client and Member server still using NTLMv1.
Send NTLMv2 response only. Refuse LM - Client devices use NTLMv2 authentication, and they use NTLMv2 session security if the server supports it. Domain controllers refuse to accept LM authentication, and they'll accept only NTLM and NTLMv2 authentication.
Thanks,
Raj