Loss of NTLM

Answered
0

I’m running windows server 2019 and the windows server essentials for the backup and DNS functions, based on your website. You’ve been a great help!!!

All has been going very well for years! However, around January 1, MS appears to have shut off NTLM protocol which clients apparently use to communicate with the server. My machines show Offline now, unless I’ve reenabled NTLM. A couple of questions:

My windows 11 Pro clients are back up and running fine, with a small policy change to reenable NTLM! However my two windows 11 home boxes are still offline with my failed attempts to restore NTLM. Any ideas?

Second question: Assuming that MS will continue to mess with us, is there a way to get Essentials to use Kerberos instead of NTLM? That seems to be where MS is pushing us. I know that we are living on borrowed time, but didn’t expect it to get messed up this early!

Any thoughts appreciated!

WSEE Installer / WSEE Updater
  • You must to post comments.
Filter
Sort by: Oldest First
Post Answer
Good Answer
0

Odd as I’m not seeing any issue with connecting Windows 11 client computers up to (a straight out-of-the-box install of) Windows Server 2019, 2022, or 2025. Did you follow the tips I’ve given for doing that over in the “Suggestions, Limitations, and Known Issues” section of my main WSEE on 2019/2022/2025 article?

Also, if your Windows 11 client computers were recently upgraded to version 24H2, then they most likely became disconnected from the server during the upgrade process (and would show as being “offline” within the DEVICES page of the server Dashboard). If so, then you will need to completely uninstall the “Client Connector for Windows server Essentials” program from the client computer, restart it, and then reinstall the client connector software on it once again (by going to https://YourServerName/connect).

Additionally, if the client computer was previously joined to the domain, then you’ll most likely want to temporarily add Microsoft’s SkipDomainJoin setting to the registry of the client computer BEFORE running the client connector software on it, and then delete it afterwards. Doing that will prevent the client connector software from trashing the user profile that’s currently in use on the client computer (i.e. it’ll prevent it from trying to completely rejoin the domain again when reinstalling the client connector).

As for forcing the client computer to connect to the server via Kerberos… I know of no way to do that, and I imagine that doing so is not possible (i.e. something like that would most likely take a complete rewrite from Microsoft, and at this point, I seriously doubt that’s something Microsoft would be willing to do seeing as they’ve pretty much given up on Essentials now).

  • You must to post comments.
Showing 1 result
Your Answer
Post as a guest by filling out the fields below, or you may to post using your existing user account (register to create a user account if you do not already have one). Guest's questions will be moderated before being posted. NOTE: Your email address will not be published, nor will it be used for marketing purposes, etc. (as per our privacy statement).
Name*
E-mail*
Answer Details*
Screenshots
File Name Size
There are currently no files uploaded.
Maximum number of files 4, maximum file size 5MB.
Supported file formats: gif jpeg jpg png

Featured Questions

Recent Questions & Answers

Q&A Toolbox

Log in | Register

Ask a question

View all questions