NTLM authentication failed even though the login ID and password are correct.

NTLM (NT LAN Manager) is an authentication protocol provided by Microsoft [see NTLM - Wikipedia for details]. Although Microsoft no longer recommends it, some companies still use this authentication protocol for intranet systems.

This issue arose when a hardened server (Windows 2003 in my case) tried to authenticate with NTLM to a web front-end server running a SharePoint application (Windows 2008 R2). The standard NTLM prompt asked for a login and password as expected. However, after the correct login ID and password were entered, the authentication was rejected. Further attempts led to a blank screen, without the error message that IIS would usually return.

On checking the Local Security Policy, I found that the setting Network Security: LAN Manager authentication level was set to “Send LM & NTLM – use NTLM v2 session security if negotiated”.

Change the setting to “Send NTLMv2 response only/refuse LM”.

The authentication now works!
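
The following PowerShell script is an added example, not part of the original post. It reads the registry value behind this policy (`LmCompatibilityLevel`) and shows which response types the original setting (level 1) and the corrected one (level 4) can get accepted at each possible level on the validating machine. The registry path and the level meanings come from Microsoft's documentation rather than from this page, the function names are hypothetical, and "validator" means the machine that checks the credentials (a domain controller for domain accounts, the server itself for local accounts).

```powershell
# Added example. Level meanings follow Microsoft's documentation for
# "Network security: LAN Manager authentication level" (LmCompatibilityLevel).
$v1 = 'LM', 'NTLM'; $all = 'LM', 'NTLM', 'NTLMv2'
$LmLevels = @{
    0 = @{ Name = 'Send LM & NTLM responses'; Sends = $v1; Accepts = $all }
    1 = @{ Name = 'Send LM & NTLM - use NTLMv2 session security if negotiated'; Sends = $v1; Accepts = $all }
    2 = @{ Name = 'Send NTLM response only'; Sends = @('NTLM'); Accepts = $all }
    3 = @{ Name = 'Send NTLMv2 response only'; Sends = @('NTLMv2'); Accepts = $all }
    4 = @{ Name = 'Send NTLMv2 response only/refuse LM'; Sends = @('NTLMv2'); Accepts = 'NTLM', 'NTLMv2' }
    5 = @{ Name = 'Send NTLMv2 response only/refuse LM & NTLM'; Sends = @('NTLMv2'); Accepts = @('NTLMv2') }
}

function Get-LocalLmLevel {
    # Hypothetical helper: returns the configured level, or $null when the
    # value is absent and the operating system's built-in default applies.
    $key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    $prop = Get-ItemProperty -Path $key -Name LmCompatibilityLevel -ErrorAction SilentlyContinue
    if ($prop) { [int]$prop.LmCompatibilityLevel } else { $null }
}

function Test-LmPairing {
    # Hypothetical helper: intersects what the client sends with what the validator accepts.
    param([int]$ClientLevel, [int]$ValidatorLevel)
    $accepted = $LmLevels[$ValidatorLevel].Accepts
    $usable   = @($LmLevels[$ClientLevel].Sends | Where-Object { $accepted -contains $_ })
    New-Object PSObject -Property @{
        ClientLevel    = $ClientLevel
        ValidatorLevel = $ValidatorLevel
        Usable         = ($usable -join ',')
        Succeeds       = ($usable.Count -gt 0)
    } | Select-Object ClientLevel, ValidatorLevel, Usable, Succeeds
}

$configured = Get-LocalLmLevel
if ($null -eq $configured) {
    'LmCompatibilityLevel is not set; the OS default applies.'
} else {
    'Local level {0}: {1}' -f $configured, $LmLevels[$configured].Name
}

# Level 1 is the post's original setting, level 4 the corrected one.
$rows = foreach ($client in 1, 4) {
    foreach ($validator in 0..5) { Test-LmPairing $client $validator }
}
$rows | Format-Table -AutoSize
```

In the resulting table, a level 1 client is rejected only by a validator at level 5, while a level 4 client is accepted at every validator level.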
