>It uses either Kerberos or NTLM based on the best protocol that can be negotiated >(using >the Negotiate protocol).
>I don�t believe you can disable the netlogon. Also, your question doesn�t make >sense to me >as the server IS using Kerberos (or NTLM) to authenticate the user to >AD.
Oh, I don't know that Netlogon uses either kerberos or NTLM, ethereal can't parse it, maybe bec it's being sent encrypted. So, how does it work ? It tries kerberos first and only if it doesn't work then it will try NTLM ?
>I don�t believe you can disable the netlogon. Also, your question doesn�t make >sense to me >as the server IS using Kerberos (or NTLM) to authenticate the user to >AD.
Oh, I don't know that Netlogon uses either kerberos or NTLM, ethereal can't parse it, maybe bec it's being sent encrypted. So, how does it work ? It tries kerberos first and only if it doesn't work then it will try NTLM ?
>If you want to ensure you are using Kerberos, you can set the OWA server
>to only allow Kerberos authentication. This can be set using a group
>policy.
Which policy ? Group Policy --> Computer Configuration --> Windows Settings -->Security Settings --> Local Policies --> Security Options --> ?
>to only allow Kerberos authentication. This can be set using a group
>policy.
Which policy ? Group Policy --> Computer Configuration --> Windows Settings -->Security Settings --> Local Policies --> Security Options --> ?
Thanks
lara
lara
Lara Adianto <[EMAIL PROTECTED]> wrote:
Hi list,
In the process of authenticating a user login to OWA, I noticed that the front end server use DC RPC RPC_Netlogon to authenticate the user to AD. However, as the stub data is encrypted, I couldn't really figure out how the authentication is actually done. Is it NTLM ? Kerberos ? or something else ?
Is there any way to disable RPC_Netlogon authentication and configure Front End to use kerberos to authenticate the user to AD ?
thanks
lara
------------------------------------------------------------------------------------
La vie, voyez-vous, ca n'est jamais si bon ni si mauvais qu'on croit
- Guy de Maupassant -
------------------------------------------------------------------------------------
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
------------------------------------------------------------------------------------
La vie, voyez-vous, ca n'est jamais si bon ni si mauvais qu'on croit
- Guy de Maupassant -
------------------------------------------------------------------------------------
Do you Yahoo!?
Express yourself with Y! Messenger! Free. Download now.
