Customer called me again, why my file share folder can not access any more after upgrade to Windows 2008 R2?
Yes, it is a little change in windows 2008 r2 in NTLM Authentication which lead to such scenario. So what is happening? it is called NTLM 128-bit minimum session security. In Windows 7 and Windows Server 2008 R2, NTLM-based minimum session security policy is set to require a minimum of 128-bit encryption for both client computers and servers for new installations of Windows. This requires that all network devices and operating systems using NTLM support 128-bit encryption. Existing session security will be retained when upgrading Windows from an earlier Windows version. If you want to change back to use weaker encryption (40-bit or 56-bit which is used in Windows 2003) , change below settings in Domain group policy and Domain Controller policy (Domain Environment ) or local group policy (Workstation Mode) .
- Network security: Minimum session security for NTLM SSP based (including secure RPC) clients
- Network security: Minimum session security for NTLM SSP based (including secure RPC) servers
- Network security: Allow Local System to use computer identity for NTLM