Which one to use: NTLM or Kerberos in SharePoint 2013?
Dear EE experts,
We would like to ask for tech support on which one to use: NTLM or Kerberos in SharePoint 2013.
Currently, we're setting up the SP2013 and we stopped at NTLM & Kerberos part, we want to ask first experts out there which one would you prefer. Because if we select NTLM, then it would be just a normal and common setup. But if we choose Kerberos, the problem is, we have no idea and experience in working using Kerberos...
- If we choose NTLM and we set Kerberos for some site application in Central Administration, that's possible right?
- Currently, we have external users who needs to access our site, they're being asked for their UN & PW, because of the Public IP site that we let them use, (http://xx.xxx.xx.xx:1111/products), and their PW expires every 41 days, because we set it from their account. Some are local accounts and some are using domain account. And the problem is, they have no idea that their password is about to expire already, how they will know if their password is expired already, the system just rejects them to login, and they will asked us to reset their password. So we want to change that to a simple login page, that will have a connection to SQL db if possible, and will alert the users if their password is about to expire.
- We've test to change from one of our site in CA, from NTLM to Kerberos, then refresh the site, it asked for UN & PW already. If we want to have our own Custom Login Page, where can we save that page?
That would be all for now, as some of our further questions are beyond our subject already... We'll just open a new question for that.
Thank you and hope to hear soon...
We would like to ask for tech support on which one to use: NTLM or Kerberos in SharePoint 2013.
Currently, we're setting up the SP2013 and we stopped at NTLM & Kerberos part, we want to ask first experts out there which one would you prefer. Because if we select NTLM, then it would be just a normal and common setup. But if we choose Kerberos, the problem is, we have no idea and experience in working using Kerberos...
- If we choose NTLM and we set Kerberos for some site application in Central Administration, that's possible right?
- Currently, we have external users who needs to access our site, they're being asked for their UN & PW, because of the Public IP site that we let them use, (http://xx.xxx.xx.xx:1111/products), and their PW expires every 41 days, because we set it from their account. Some are local accounts and some are using domain account. And the problem is, they have no idea that their password is about to expire already, how they will know if their password is expired already, the system just rejects them to login, and they will asked us to reset their password. So we want to change that to a simple login page, that will have a connection to SQL db if possible, and will alert the users if their password is about to expire.
- We've test to change from one of our site in CA, from NTLM to Kerberos, then refresh the site, it asked for UN & PW already. If we want to have our own Custom Login Page, where can we save that page?
That would be all for now, as some of our further questions are beyond our subject already... We'll just open a new question for that.
Thank you and hope to hear soon...
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you for your kind explanation...
ASKER
From your response, it's obvious that you prefer Kerberos authentication rather than NTLM.
We know that this is painful way, and we don't have any experience with Kerberos Authentication, is there any guidance that you could give in regards to using Kerberos in SharePoint 2013?
Thank you and hope to hear again...