Jump to content
Welcome to our new Citrix community!

Safe to disable NTLMv2 Authentication for Storefront servers?

Matthias Heszlig

Recommended Posts

Hi all,


a customer did a security audit in which one result was that their Storefront servers use NTLM authentication. The customer wants to disable NTLM in his domain entirely.


Unfortunately, I could not find any documentation on this issue, so I checked my lab (Virtual Apps and Desktops 2203 LTSR CU2) where I could find the same NTLM authentication events. To see what happens, I set the domain controllers policy to deny all NTLM authentication requests. Now storefront is still working fine and the events are gone. Does anybody know if there is a official documentation that NTLM can be disabled for Storefront servers?

Link to comment
Share on other sites

  • 5 weeks later...
  • 4 months later...

@Jonathan Adams1709163648Can you please provide a citation in the Citrix documentation where it is shown that NTLM is a requirement?  Kerberos has been available over 10 years with statements of direction from Microsoft to do new development to eliminate NTLM. 

 NTLM is no longer secure.  I agree with @Matthias who posted the question it is a requirement to disable NTLM in our domain. I'd like to configure Citrix to allow that. How?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...