After disabling or blocking SMB 1.0, NTLM authentication fails to work with the Web Gateway

book

Article ID: 169646

calendar_today

Updated On:

Products

Web Gateway

Issue/Introduction

After disabling or blocking SMB 1.0, NTLM authentication fails to work with the Symantec Web Gateway (SWG).  Attempts to test NTLM (HTTP 407) or add/change the Primary or Secondary Domain Controller result in errors.

When attempting to test NTLM (HTTP 407), the following error is noted:

NTLM HTTP 407 test failed: An error occurred while contacting the domain controller: system error, error code = NTLM40.

When attempting to change/add a Primary or Secondary Domain controller, the following error is noted:

We're sorry, but an error occurred while contacting the domain controller: 255 Failed to join domain: failed to look up DC info for domain '[DOMAIN NAME]' over RPC: NT_STATUS_CONNECTION_RESET

 

Cause

The SWG only supports SMB 1.0 for NTLM authentication.

Resolution

Ensure that the SWG has unrestricted access to SMB port 445 to the Primary and Secondary Domain Controllers.