troubleshooting Question

Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and this server

Avatar of techcodr
techcodr asked on
NetworkingWindows OSWindows 10AzureWindows Server 2016
19 Comments2 Solutions11289 ViewsLast Modified:
Running dcdiag /v gives me the following warning

A warning event occurred.  EventID: 0x00001796
            Time Generated: 09/17/2018   18:28:17
            Event String:
            Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and this server. This event occurs once per boot of the server on the first time a client uses NTLM with this server.

            NTLM is a weaker authentication mechanism. Please check:

                  Which applications are using NTLM authentication?
                  Are there configuration issues preventing the use of stronger authentication such as Kerberos authentication?
                  If NTLM must be supported, is Extended Protection configured?

            Details on how to complete these checks can be found at http://go.microsoft.com/fwlink/?LinkId=225699.

https://groups.google.com/forum/#!topic/microsoft.public.windows.server.active_directory/ISLY7NnqV-Y
Thanks for posting here!
There is a policy for this stuff.
Computer Configuration
-Windows Settings
--Security Settings
---Local Policies
----Security Options
Network security:LAN Manager authentication level
You may choose to "Send NTLMv2 response only\refuse LM & NTLM"

If you want to apply this to a domain, configure it at the default domain
controller policy.
Or you may configure it to your whole domain as well.
The Kerberos is the default mode and cannot be disabled and thus no need to
configure to allow it.
Hope it helps.
Have a great day!
Best Regards,
Jeff Qiu
Microsoft Online Partner Support
MCSE 2k/2k3, MCSA 2k/2k3, MCDBA
Get Secure! - www.microsoft.com/security

Windows Server 2016 Network security:LAN Manager authentication level  setting is not exactly in the same location as described but the setting is undefined.
Jeff says Kerberos is default so I assume  Network security:LAN Manager authentication level as undefined means I am running Keberos.
Can I ignore this warning?
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 2 Answers and 19 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 19 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros