Additional resources for NTLM

Updated: November 21, 2012

Applies To: Windows 7, Windows 8, Windows Server 2008 R2, Windows Server 2012

This topic lists additional documentation produced by Microsoft that can help you about assess and restrict NTLM authentication traffic, including knowledge base articles and security policy settings.

The following documentation resources can help you understand and restrict NTLM usage in your environment.

• Microsoft NTLM (Windows)

  This topic describes the architecture of the NTLM Security Support Provider (SSP) package.

• Server applications may be incompatible with default behavior of authentication protocols by Windows 7 clients

  This knowledge base article discusses compatibility issues in Windows Server 2008 R2 and Windows 7 that might impact your assessment of NTLM usage in your environment.

• Policies to assess and restrict NTLM usage:

  • Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication

  • Network security: Restrict NTLM: Add server exceptions in this domain

  • Network Security: Restrict NTLM: Incoming NTLM Traffic

  • Network Security: Restrict NTLM: NTLM authentication in this domain

  • Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers

  • Network Security: Restrict NTLM: Audit Incoming NTLM Traffic

  • Network Security: Restrict NTLM: Audit NTLM authentication in this domain

• Policies to expedite forest searches:

  • Use forest search order – Reference for the KDC on the domain controller.

  • Use forest search order - Reference for Kerberos on the client computer.

See Also

Concepts

Auditing and restricting NTLM usage guide