turning off ntlmv1 or how to approach turning off legacy technology
DESCRIPTION
Turning Off NTLMv1 or How to Approach Turning Off Legacy Technology. Brian Arkills Software Engineer, UW Windows Infrastructure Svc Mgr , and Associate Troublemaking Officer UW-IT, Identity and Access Management Microsoft Directory Services MVP 2012-2014. Goals. Why Turn Off NTLMv1?. - PowerPoint PPT PresentationTRANSCRIPT
Turning Off NTLMv1or
How to Approach Turning Off Legacy Technology
Turning Off NTLMv1or
How to Approach Turning Off Legacy Technology
Brian ArkillsSoftware Engineer, UW Windows Infrastructure Svc Mgr, and Associate Troublemaking Officer UW-IT, Identity and Access Management
Microsoft Directory Services MVP 2012-2014
GoalsGoals
Why Turn Off NTLMv1?Why Turn Off NTLMv1?
Keys to Success Retiring Old TechKeys to Success Retiring Old Tech
NTLMv1 Resources We DevelopedNTLMv1 Resources We Developed
• NTLMv1 Removal - Known Problems and Workarounds
• Customer Mitigation Walkthrough• PowerShell NTLMv1 Log Parser• PowerShell and Registry file for LMCompatibilityLevel• Log parsing -> Customer notification process• IIS web app that only allows NTLMv2
Timeline and VisualizationsTimeline and Visualizations
6/17-6/23 6/24-7/1 7/1-7/7 7/8-7/14 7/15-7/22 7/29-7/22 8/5-7/29 8/11-8/50
200
400
600
800
1000
NTLMv1: Benefits of leveraging our user notifications
users computers
Stumbling PointsStumbling Points
Tech - Stumbling PointsTech - Stumbling Points
Svc Mgmt – Stumbling PointsSvc Mgmt – Stumbling Points
Loose EndsLoose Ends
What about NTLMv2? (Pass the Hash)What about NTLMv2? (Pass the Hash)
The EndThe End
Brian [email protected]
@barkills http://blogs.uw.edu/barkills
http://www.netid.washington.edu
Author of LDAP Directories ExplainedMicrosoft Directory Services MVP 2012-2014