New Question
 
 
PRTG Network Monitor

Intuitive to Use.
Easy to manage.

200.000 administrators have chosen PRTG to monitor their network. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free PRTG
Download >>

 

What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general. You are invited to get involved by asking and answering questions!

Learn more

 

Top Tags


View all Tags


WMI NTLM Connection

Votes:

0

Your Vote:

Up

Down

Dear Support,

we need to specify NTLM Authentication in our domain, as we need to configure an external host with Kerberos and want to avoid NTLM Traffic to that host. My planned way was to activate Network Security: Restrict NTLM: NTLM authentication in this domain is set to Deny. On my way to that i found, that PRTG uses NTLM to authenticate with WMI.

Is there any way to use Kerberos instead?

As read in this https://technet.microsoft.com/en-us/library/ee156574.aspx it is possible to set WMI to Kerberos login only, but i do not want to test this scenario as my PRTG connection would brake. In my case i wanted to only set the exception list to active and used Servers, which need NTLM for Userlogin. WMI is not on my roadmap, as this would complicate my configuration.

The manual also only points to NTLM: https://owimonitor/help/group_settings.htm#windowsconnection

Thanks in advance =)

authentication kerberos ntlm prtg windows wmi

Created on Dec 28, 2015 3:50:02 PM by  pstuerze (3) 1



4 Replies

Votes:

0

Your Vote:

Up

Down

Hi,

I'm afraid that it will not be possible to configure an exception list nor to change the WMI NTLM authentication to Kerberos, sorry. You can consider to switch the monitoring protocol to i.e. SNMP if this better suits your needs, changing the WMI requests will not be possible.

Best regards, Felix

Created on Dec 29, 2015 12:41:15 PM by  Felix Saure [Paessler Support]



Votes:

0

Your Vote:

Up

Down

Dear Felix,

I need to configure an exception list to get NTLM working only in my domain as the external webserver will have a domain name in our domain. So my only chance is to configure exceptions for every monitored server, which is not so smooth, as i need to add every new server to the next list in my GPO settings (it is a manual list, no AD Groups are valid).

Thanks for the fast feedback. Thread can be closed.

Regards PS

Created on Dec 29, 2015 4:28:37 PM by  pstuerze (3) 1



Votes:

0

Your Vote:

Up

Down

Can we force PRTG to use Kerberos only, and completely disable LM and NTLM?

Created on Jun 15, 2017 6:27:41 PM by  Chris Nickelby (0)



Votes:

0

Your Vote:

Up

Down

Hello Chris,

As mentioned above, this is not possible, sorry.

Best regards, Felix

Created on Jun 16, 2017 8:43:11 AM by  Felix Saure [Paessler Support]



Please log in or register to enter your reply.


Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.