RSS

the biggest thing you should know before upgrade to windows 2008 R2

22 Feb

Customer called me again, why my file share folder can not access any more after upgrade to Windows 2008 R2?

Yes, it is a little change in windows 2008 r2 in NTLM Authentication which lead to such scenario. So what is happening? it is called NTLM 128-bit minimum session security. In Windows 7 and Windows Server 2008 R2, NTLM-based minimum session security policy is set to require a minimum of 128-bit encryption for both client computers and servers for new installations of Windows. This requires that all network devices and operating systems using NTLM support 128-bit encryption. Existing session security will be retained when upgrading Windows from an earlier Windows version. If you want to change back to use weaker encryption (40-bit or 56-bit which is used in Windows 2003) , change below settings in Domain group policy and Domain Controller policy (Domain Environment ) or local group policy (Workstation Mode) .

  • Network security: Minimum session security for NTLM SSP based (including secure RPC) clients
  • Network security: Minimum session security for NTLM SSP based (including secure RPC) servers
  • Network security: Allow Local System to use computer identity for NTLM

image image image

Advertisements
 
Leave a comment

Posted by on February 22, 2011 in Windows Server

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: