Windows Server 2008 Thread, Terminal Server 2008 NTLMV2 issues! in Technical; Hey All,
Just polishing off my Terminal Server 2008 setup and have left this issue to last...
I'm trying to ...
-
7th April 2008, 10:01 AM #1 
- Rep Power
- 12
Terminal Server 2008 NTLMV2 issues!
Hey All,
Just polishing off my Terminal Server 2008 setup and have left this issue to last...
I'm trying to get my clients to use NTLMV2 to authenticate, however they seem to be only authenticating to the Gateway using NTLMV1...
I have setup the computer I'm using to test the RDP connection to use Security Policy: Send NTLMv2 response only/refuse LM and NTLM
However it seems to be only Authenticating Using NTLM... so I went onto the Terminal Server and setup a Network Policy Constraint to use Authentication Methods of (MS-CHAP-V2) rather then Allow Clients to connect without negotiating an authentication method.
However when I do this I get the following error:
The user "domain\testuser", on client computer "10.1.1.40", did not meet connection authorization policy requirements and was therefore not authorized to access the TS Gateway server. The following authentication method was attempted: "NTLM". The following error occurred: "23003".
Currently a user will go to the gateway, which will then authorise the user to access the terminal server. The gateway checks the users details using a radius server, then the network policy is applied... and then the user is logged on… (At the moment only using NTLMV1 )
Any Ideas…?
DK
-
-
IDG Tech News
-
7th April 2008, 10:28 AM #2 To 'require' NTLMv2 means you must also 'require' 128-bit encyption. If you do not do both of these, than NTLM will be negotiated instead.
-
-
7th April 2008, 11:23 AM #3
- Rep Power
- 12
Originally Posted by
Geoff 
To 'require' NTLMv2 means you must also 'require' 128-bit encyption. If you do not do both of these, than NTLM will be negotiated instead.
Here comes the noob question....
Any ideas where I would specify this on the Gateway Policy? I have specified the 128bit Encryption on the network policy... but this negotiates the use of NTLMV1 not V2.
I suspect that I am authenticating to the gateway using NTLM... which is causing the issue... but I can't see where I can specify which sort of connection to negotiate using NTLMV2.
-
-
7th April 2008, 12:35 PM #4 I believe you must enforce it in the connection authorization policy.
-
SHARE:
Similar Threads
-
By benIT in forum Windows Server 2008
Replies: 5
Last Post: 15th April 2008, 10:39 PM
-
By cookie_monster in forum Windows Server 2008
Replies: 10
Last Post: 15th April 2008, 04:01 PM
-
By ZeroHour in forum Windows Server 2008
Replies: 9
Last Post: 25th March 2008, 11:57 PM
-
By Nexus-6 in forum Educational Software
Replies: 6
Last Post: 4th February 2008, 07:54 PM
-
By wesleyw in forum Thin Client and Virtual Machines
Replies: 8
Last Post: 26th February 2007, 02:03 PM
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
LinkBack URL
About LinkBacks
Reply With Quote
