Chapter 28  NTLM authentication settings

Table of Contents

28.1  Setting NTLM in MS Outlook extended by the Kerio Outlook Connector

NTLM (NT LAN Manager) is an authentication type used on Windows for authentication against an Active Directory (or NT) domain.

First, the following conditions must be met:

NTLM authentication in Kerio MailServer must be set correctly, as follows:

  1. In the administration console, go to Domains (Configuration → Domains). Open the dialog with domain settings details and switch to the Advanced tab (see figure 28.1  Setting Windows NT domain name). Use the Windows NT Domain entry to specify NT domain name (the name usually matches the Active Directory domain name without the first level domain — NET, COM, etc.).

    Setting Windows NT domain name

    Figure 28.1. Setting Windows NT domain name


  2. In the administration console, go to Configuration → Advanced Options and enable the Allow NTLM authentication for users with Kerberos authentication (for Active Directory users) option on the Security Policy tab. Enable this option to allow Active Directory domain users to authenticate at Kerio MailServer upon their logon.

    Enabling the Allow NTLM authentication for users with Kerberos authentication option

    Figure 28.2. Enabling the Allow NTLM authentication for users with Kerberos authentication option


  3. In the administration console, open the Domain Settings → User Accounts section and set the Windows NT Domain option for user authentication. These parameters can be set on the General tab (see figure 28.3  User authentication settings).

    User authentication settings

    Figure 28.3. User authentication settings