Tech Info 125: Windows Vista and Windows 7 with AD/PDC authentication

HELIOS Tech Info #125

Mon, 11 Jan 2010

Windows Vista and Windows 7 with AD/PDC authentication

With the latest versions of Windows, e.g. Windows Vista/2008 and Windows 7, a connection to PCShare may fail if the HELIOS server is configured to authenticate users against an AD/PDC server.

This is because NTLM security is needed for AD/PDC authentication but since Windows Vista, only NTLMv2 is allowed by default.

To allow also NTLM in addition to NTLMv2, open the "Local Security Policy" editor on your Windows client. Navigate to "Local Policies" > "Security Options" and open the entry "Network security: LAN Manager authentication level". Select "Send LM & NTLM – use NTLMv2 if negotiated".

In the next version of HELIOS Base, the authentication server will support NTLMv2 security in combination with AD/PDC authentication.