It's time to retire NTLM - but how? Richard chats with Steve Syfuhs about the need and challenge of retiring an ubiquitous authentication protocol first used in the 1990s. While guidance to move away from NTLM has been available since 2010, it has only become feasible in the past couple of years, and Microsoft is now providing tooling to make the transition easier. Steve discusses enabling auditing of NTLM usage - recent improvements will allow you to view which services rely on NTLM. Sometimes, a configuration change can resolve the problem, and now there is Microsoft Negotiate to help as an intermediary in determining which protocol to use. Retiring NTLM won't happen overnight, but it will happen, and you can start preparing for it today. And if you need help or advice, email ntlm@microsoft.com!
Links
- NTLM Blocking and You
- Deprecating NTLM is Easy and Other Lies
- Microsoft Negotiate
- Remote Desktop Gateway Role
- Kerberos on Windows Server
- The Evolution of Windows Authentication
Recorded September 25, 2025
信息
- 节目
- 频率一周一更
- 发布时间2025年10月15日 UTC 00:00
- 长度54 分钟
- 单集1006
- 分级儿童适宜