Does Advanced Threat Protection Support NTLMv2 for Database Connections

book

Article ID: 171741

calendar_today

Updated On:

Products

Advanced Threat Protection Platform

Issue/Introduction

You wish to use NTLMv2 when connection your Advanced Threat Protection (ATP) appliance to your Symantec Endpoint Protection Manager (SEPM) database.

ATP displays “Connection Error” when attempting to save the SEPM DB settings.

MSSQL shows the following error:

Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. [CLIENT: xxx.xxx.xxx.xxx]
Error: 18452, Severity: 14, State: 1.
SSPI handshake failed with error code 0x80090302, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure. The function requested is not supported   [CLIENT: xxx.xxx.xxx.xxx]
Error: 17806, Severity: 20, State: 14.

Cause

ATP 3.1.0 and earlier uses NTLMv1 and there is a policy in the environment which prevents NTLMv1 authentication.

Resolution

NTLMv2 support has been added in ATP version 3.2.0.  Please update to ATP 3.2.0 or newer.