Use these settings to configure Windows Authentication - NTMLv2 without using LDAP authorization.
(If instead you want to use LDAP, click Use LDAP to restrict access to Window Authentication - NTLMv2 sessions.). Click , click and proceed with
Enter the settings toor an NTLM server for Single Sign-on through Windows Authentication:
Choose and enter either
IP address or DNS name of the Active Directory Domain Controller.
The first 15 characters of the domain controller’s host name, for example, myComputer.
Note: The term is called pre-Windows 2000 in some Windows utilities.
— or —
The first 15 characters of the left-most label in the DNS domain name.
Example: For the DNS domain name mydomain.mycompany.com, enter the NetBIOS domain value mydomain.
HINT:To obtain the NetBIOS name for a domain on Windows Server 2000 or higher:
Open the Active Directory domain.msc).snap-in (
In the console tree, right-click the domain and select.
The NetBIOS name.(pre-Windows 2000) field displays the
On Windows Server 2008 or higher, you can also use the Active Directory module for Windows PowerShell to find the NetBIOS name of a domain in Active Directory Domain Services.
On Windows Server 2008 only, if the Active Directory module is not available, you may need to install it first, using this PowerShell command:
This example demonstrates how to find the NetBIOS name of the domain called mydomain.com:
Get-ADDomain -Identity mydomain.com | findstr /I NetBIOSName
A computer account in the Active Directory domain. A computer account is different than a user account. The computer account should not be associated with an actual physical or virtual computer.
To specify the Computer account for servicing
A computer account's syntax is the pre-Windows 2000 computer name, followed by a $ sign, followed by the @ symbol, and then the DNS domain name.
Syntax: <Computer name (pre-Windows 2000)>$@<DNS domain name>
For example, if the Computer name is ReflServiceAccount, the pre-Windows 2000 Computer name is REFLSERVICEACCO and the computer account is: REFLSERVICEACCOemail@example.com
If the password of the computer account is not already known, it must be explicitly reset in Active Directory. You can reset a computer account’s password using a simple VBScript, or the ADSI Edit tool.
This action checks the NTLMv2 connection to be sure the server is listening and is in fact a domain controller. The test attempts to authenticate to the server using the IP address or alias for the domain controller, the NetBIOS hostname, computer account, and password.
Note: The Domain is not tested and could still be a cause for error later in the authentication process.
If the result is Success, click .
Iffails, check the logs and resolve the issue before continuing.
To add another server, see Adding Another Server for Windows Authentication NTLMv2.