Migrating from NTLM to Negotiate in a nutshell

Migrating to Negotiate from NTLM is quite simple in most cases.  It breaks down into these four simple steps: First, build an SPN for your Service When I talk to people about using Negotiate, there’s often this moment of terror when they realize they’re going to have to build an SPN.  I’ve got my theories…

1

NTLM’s time has passed

  IMHO, Microsoft’s NTLM authentication protocol is getting a bit long on the tooth.  Although we still support it for various reasons (many of which are obvious), you should look very sternly upon it if your application uses it.  In case you’re not familiar with the NTLM protocol, there’s a great write-up at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthn/security/microsoft_ntlm.asp.  There’s…

1