• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

Need to disable NTLM but coldfusion is using it for domain authentication

New Here ,
Jul 26, 2021 Jul 26, 2021

Copy link to clipboard

Copied

Hello,

 

Due to a gigantic issue that Microsoft has said that they won't fix NTLM needs to be disabled in Windows environments. However it appears that CF only supports NTLM or BASIC authentication when integrated through IIS.

 

What exactly are we supposed to do if CF hasn't been updated in 20 years to support Kerberos 5?

Views

140

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Jul 27, 2021 Jul 27, 2021

Copy link to clipboard

Copied

LATEST

I'm a little confused about what you mean. IIS usually handles all the stuff you need for a user to go through Windows authentication, so you should be able to use NTLM or Kerberos as you like. You should also be able to use forms-based authentication. What can't CF do if you use Kerberos?

 

Also - and I could definitely be wrong about this - I wasn't aware that NTLMv2 was a problem. You should disable NTLMv1 I suppose, but that won't stop Windows clients from using NTLMv2 when connecting to an IIS server with both NTLM and Kerberos enabled (aka "Windows authentication").

 

Dave Watts, Eidolon LLC

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation