01-29-2024 06:30 AM
Hello team,
We need to know if in PanOS 10.2.x version the NTLM functionality is possible to have it configured. Is possible configure NTLM in version 10.2.x?
If it is not possible to have it configured, we want to know in which official documentation it is indicated that it cannot be used and other alternative.
Finally, we need to know how it would be necessary to configure Kerberos to perform the same function as NTLM.
This is to configure a login on a PC in the domain, without taking into account the captive portal.
Regards
01-29-2024 08:11 PM
Hello @Alpalo
based on documentation: NTLM Authentication and release notes of PAN-OS 10: PAN-OS 10.0 Upgrade/Downgrade Considerations the last PAN-OS version supporting NTLM was PAN-OS 9.1. Here is the section from release notes: "The NT LAN Manager (NTLM) authentication protocol has been removed in this release. We recommend using Kerberos Single Sign-On (SSO) or Security Assertion Markup Language (SAML) for SSO authentication."
To configure SSO with Kerberos you need to create keytab: How To Generate Kerberos Keytab for SSO.
Kind Regards
Pavel
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
