Fixing NTLM authentication in Windows 2003

We had an application written in C# .Net, which used to communicate with Alfresco Enterprise Document/Content Management System. The application was using Alfresco’s NTLM component for authenticating users against their AD (Active Directory) user account.

The application worked perfectly while we were testing it on Windows XP system. However, on Windows 2003 64 Bit system, the application started failing as it could not authenticate users on alfresco server using NTLM.

So we had a situation where NTLM authentication used to fail only when our application was running on Windows 2003 Operating System. We tried disabling “Internet Explorer Enhanced Security Configuration”, but it didn’t help. Finally, after spending a lot of time on Google, we came across following article on Microsoft Knowledge Base:

You may experience authentication issues when you access a network-attached storage device after you upgrade to Windows Server 2008, to Windows Vista, to Windows Server 2003, or to Windows XP

This article talks about configuring the system to use appropriate NTLM version. In our Windows 2003 system, the value of “lmcompatibilitylevel” (Under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA subkey) was set to 2. We just changed this value to 1, and the client application started working properly in Windows 2003 system as well.

If you are also facing a similar issue on Windows 2003, then you can try the solution mentioned here. If setting the value of “lmcompatibilitylevel” to 1 makes no difference, then change this value to 0, which is the default value of “lmcompatibilitylevel” in Windows XP.