Backup failing with NTLMv2 security policy

Availability for the Always-On Enterprise

Re: Backup failing with NTLMv2 security policy

Veeam Logoby Andreas Neufert » Fri Oct 21, 2016 7:22 pm 1 person likes this post

Based on internal and external feedback NTLMv2 only processing should work with actual versions. Kerberos only processing (disabled NTLM) has some limitations when not everything is in the same domain.

I just guess here at that point that Veeam will leave the authentication as is (extreme good and stable experience over the last 5 years) and will use Kerberos only processing as fallback. But this is only me guessing.
If this feature requests will make it into any update or v10 we will see and we have to wait on official feedback from our product management. As v10 features are not finalized yet it will take some time to say.

If you just read this post and are in the same situation please add your feedback here.
Andreas Neufert
Veeam Software
 
Posts: 2201
Liked: 360 times
Joined: Wed May 04, 2011 8:36 am
Location: Germany
Full Name: @AndyandtheVMs Veeam PM

Re: Backup failing with NTLMv2 security policy

Veeam Logoby sandsturm » Sat Oct 22, 2016 12:52 pm

Based on internal and external feedback NTLMv2 only processing should work with actual versions. Kerberos only processing (disabled NTLM) has some limitations when not everything is in the same domain.

Do you mean 9.5 with actual version? Because Version 9 does not work with disabled NTLM, even everything is in the same domain.
sandsturm
Enthusiast
 
Posts: 35
Liked: 1 time
Joined: Mon Mar 23, 2015 8:30 am

Re: Backup failing with NTLMv2 security policy

Veeam Logoby Andreas Neufert » Sun Oct 23, 2016 7:20 am 1 person likes this post

NTLM v1 disabled should work with v9 and 9.5

Kerberos only is something that Veeam discusses for one of the next versions. v10 features are not finalized yet. It is too soon to say.
Andreas Neufert
Veeam Software
 
Posts: 2201
Liked: 360 times
Joined: Wed May 04, 2011 8:36 am
Location: Germany
Full Name: @AndyandtheVMs Veeam PM

Re: Backup failing with NTLMv2 security policy

Veeam Logoby tsightler » Sun Oct 23, 2016 5:17 pm 1 person likes this post

sandsturm wrote:Do you mean 9.5 with actual version? Because Version 9 does not work with disabled NTLM, even everything is in the same domain.

I think the confusion comes because this thread started off referring to issues with disabling NTLMv1 and LM (the thread title is about NTLMv2). For example, even you original post on Oct 13th says:

sandsturm wrote:But as you said, Veeam Backup does not work with disabled NTLM (v1).

I'm not aware of any issues with NTLMv2 in current versions, for example, even my lab environment runs with "Send NTLMv2 response only/refuse LM and NTLM" set in the global domain policy.

There are certainly known issues when policies disable all NTLM versions.
tsightler
Veeam Software
 
Posts: 4769
Liked: 1737 times
Joined: Fri Jun 05, 2009 12:57 pm
Full Name: Tom Sightler

Previous

Return to Veeam Backup & Replication



Who is online

Users browsing this forum: Bing [Bot] and 14 guests