Need to disable NTLM but coldfusion is using it for domain authentication

Question

Hello,

Due to a gigantic issue that Microsoft has said that they won't fix NTLM needs to be disabled in Windows environments. However it appears that CF only supports NTLM or BASIC authentication when integrated through IIS.

What exactly are we supposed to do if CF hasn't been updated in 20 years to support Kerberos 5?

Dave Watts · Answer

I'm a little confused about what you mean. IIS usually handles all the stuff you need for a user to go through Windows authentication, so you should be able to use NTLM or Kerberos as you like. You should also be able to use forms-based authentication. What can't CF do if you use Kerberos?

Also - and I could definitely be wrong about this - I wasn't aware that NTLMv2 was a problem. You should disable NTLMv1 I suppose, but that won't stop Windows clients from using NTLMv2 when connecting to an IIS server with both NTLM and Kerberos enabled (aka "Windows authentication").

Dave Watts, Eidolon LLC

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded