Create a Post
Showing results for 
Search instead for 
Did you mean: 

CP disable NTLMv1


I'm a bit confused about CPs use of NTLMv1.
Our Windows admins contacted us, beause they'd like to disable NTLMv1 on the DCs out of security concerns. Prior that, they did a check of the logs and they see NTLMv1 logs generated by our CP gateways. They asked us if it is possible to use NTLMv2 and disable v1..

We have AD Query in use, we have a MGMT on R81 and GWs on 80.40. 
A few months ago I already checked the NTLM setting on the MGMT via "adlog a", and "Use NTLMv2" is checked properly. (sk91462)

Despite that, the admins told us that they still see NTLMv1 logs originating from CP.


Does someone know if there is any other setting that needs to be changed in order to disable NTLMv1 completely?



0 Kudos
1 Reply

If you did what sk91462 describes, the next step is to configure DC to reject NTMLv1. AFAIK, even if the GW is set to use v2, it still tries v1 before anything else. I would recommend to run lab tests before making a production change

0 Kudos