Several months ago we received news that Microsoft will remove NTLM authentication in Windows 11. While NTLM authentication can still be used by business and enterprise users, built-in apps and services have reportedly encountered issues, which is why Microsoft has added two new authentication features to Kerberos.

In line with this, Microsoft has recently updated its page listing deprecated Windows features, and NTLM (New Technology LAN Manager) now appears there.

This NTLM retirement covers all versions of NTLM, including LANMAN, NTLMv1 and NTLMv2, but Microsoft also added that NTLM will continue to work in "the next release of Windows Server and the next annual release of Windows", which means NTLM authentication will still work in the 2024 Update for Windows 11, version 24H2.

All versions of NTLM, including LANMAN, NTLMv1, and NTLMv2, are no longer under active feature development and are deprecated. The use of NTLM will continue to work in subsequent releases of Windows Server and subsequent annual releases of Windows.

Calls to NTLM should be replaced with calls to Negotiate, which will try to authenticate with Kerberos and only fall back to NTLM when necessary.

Why Is NTLM Being Retired?

According to Microsoft's explanation, the reason behind this move is to improve authentication security, since more modern protocols like Kerberos are better in that regard. Microsoft now also recommends using the Negotiate protocol, which falls back to NTLM only when Kerberos is not available.

In many cases, applications should be able to replace NTLM with Negotiate using a one-line change in their AcquireCredentialsHandle request to the SSPI. One known exception is for applications that have made hard assumptions about the maximum number of round trips needed to complete authentication. In most cases, Negotiate will add at least one additional round trip. Some scenarios may require additional configuration.

In fact, NTLM itself has been around since 1993, which makes it quite outdated compared to the more modern Kerberos, introduced in Windows 2000 Service Pack 4 (SP4).

Via: Microsoft