Lemonde
  • Lemonde
  • 100% (Exalted)
  • Advanced Member Topic Starter
4 years ago
How can we increase to Kerberos - what would be using NTLM?


Log Name: System
Source: LsaSrv
Date: 3/27/2020 12:03:44 AM
Event ID: 6038
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: serverVM1.domain.local
Description:
Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and this server. This event occurs once per boot of the server on the first time a client uses NTLM with this server.

NTLM is a weaker authentication mechanism. Please check:

Which applications are using NTLM authentication?
Are there configuration issues preventing the use of stronger authentication such as Kerberos authentication?
If NTLM must be supported, is Extended Protection configured?

http://go.microsoft.com/fwlink/?LinkId=225699 .
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="LsaSrv" Guid="{199fe037-2b82-40a9-82ac-e1d46c792b99}" EventSourceName="LsaSrv" />
<EventID Qualifiers="0">6038</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2020-03-27T00:03:44.000000000Z" />
<EventRecordID>9599610946</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>serverVM1.domain.local</Computer>
<Security />
</System>
<EventData>
</EventData>
</Event>

Sponsor

Want to thank us? Use: Patreon or PayPal or Bitcoins: bc1q4whppe29dw77rm4kv4pln0gqae4yjnxly0dny0hky6yhnafukzjsyrsqhk

All opinions expressed within these pages are sent in by members of the public or by our staff in their spare time, and as such do not represent any opinion held by sircles.net Ltd or their partners.