Hi
We are using Windows 2003 AD.
We have many different applications, and some need to authenticate to AD using either Kerberos or NTLM.
Could someone please clear a few things up for me -
i. Which one is the 'preferred' authentication mechanism - Kerboros or NTLM?
ii. MS products such as Outlook, SharePoint etc - which one do they use?
iii. If I used a product like Wireshark for example, is it possible to see which authentication mechanism was being used?
iv. Are there any benefits to using Kerberos over NTLM (or vice-versa)
v. Which one is the 'newer' protocol?
vi. Can their ports be changed?
Thanks for the info...so if we had an application that used NTLM to authenticate, what are the downsides of that for us? Should we push the vendors to utilise Kerberos?
Or are there any advantages of NTLM over Kerberos?