RE: NTLMFrom: Rocky Stefano (email@example.com)
- Previous message: Scott Grundeen Strehlow: "RE: Running IIS locally - advice?"
- In reply to: Kevin and Laura Brown: "NTLM"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Rocky Stefano" <firstname.lastname@example.org> To: "Focus on MicroSoft" <email@example.com> Subject: RE: NTLM Date: Tue, 2 Oct 2001 10:54:17 -0400 Message-ID: <OFEPIIBCPHNHOMCPOOPDKEGHEBAA.firstname.lastname@example.org>
NTLMv2 is what you should use in a mixed W2K/NT4 domain. If all your clients
are W2K you should use Kerberos authentication which is native in W2K. One
caveat to this is RAS. Even if you are running a native W2K forest/domain
and are using Kerboros anyone using RAS to dialin still has to use NTVLM to
authenticate. PSS has said it will stay like this for AWHILE
From: Kevin and Laura Brown [mailto:email@example.com]
Sent: October 1, 2001 10:05 PM
To: Focus on MicroSoft
What are the security implications of using NTLM? Is NTLM encrypted? What
are the alternatives in a Win2K environment (meaning native to the OS. I'm
not interested in solutions like smart cards for my current needs)? What
are the pros and cons of using NTLM vs other Win2K authentication schemes?
Basically, I'm trying to determine if NTLM is the best course of action for
securing remote user authentication in a Win2K LAN for services such as
telnet. Also, which services can use NTLM? I know this is a lot of
questions, and I plan on reading the technet site for a better understanding
of how it works, but I wanted to get some professional opinions on its
Thanks in advance,