KB 2786: Olfeo compatibility with different Windows authentication modes

Published December 20, 2023

Olfeo compatibility with different Windows authentication modes

Background1

As part of an explicit proxyOlfeo is attached to a Windows domain comprising at least one PDC (Primary Domain Controller) and possibly a second DC (Domain Controller ); Olfeo attempts to perform NTLM or Kerberos authentication.

Definitions


NTLM
NTLM (NT Lan Manager) is an authentication protocol used in various implementations of Microsoft network protocols and supported by the NTLMSSP (NT LM Security Support Provider). Originally used for secure authentication and negotiation, NTLM is also used throughout Microsoft systems as a singlesign-on mechanism.

Source: NT Lan Manager - Wikipedia

Kerberos Kerberos: Kerberos is a network authentication protocol based on a secret key mechanism (symmetrical encryption) and the use of tickets, not plaintext passwords, thus avoiding the risk of fraudulent interception of user passwords. Created at the Massachusetts Institute of Technology, it bears the Greek name of Cerberus, guardian of the Underworld (Κέρβερος). Kerberos was first implemented on Unix systems.

Source: Kerberos (protocol) - Wikipedia

 

Types of Windows authentication offered by Olfeo

Different types of authentication

Compatibility table

WS 2003 WS 2008 WS 2012 WS 2016 WS 2019
Olfeo v6.4 NTLM / Kerberos NTLM / Kerberos NTLM / Kerberos NTLM / Kerberos NTLM / Kerberos
Olfeo v6.5 NTLM / Kerberos NTLM / Kerberos NTLM / Kerberos NTLM / Kerberos NTLM / Kerberos