Print

Print


The outlook issues resolve when Outlook is restarted after rebooting computers, or so it seems.  The other 2 items, those did not resolve when computers were rebooted.

From: Technology Discussion at UVM <[log in to unmask]> On Behalf Of Geoffrey Duke
Sent: Tuesday, June 2, 2020 12:16 PM
To: [log in to unmask]
Subject: Re: Security configuration change - Tuesday, June 2nd

Interesting. I’m not sure how restarting Outlook would fix an issue with accessing a website that we don’t manage. Perhaps coincidental timing?

—Geoff

From: Technology Discussion at UVM <[log in to unmask]<mailto:[log in to unmask]>> On Behalf Of Peg Hunt
Sent: Tuesday, June 2, 2020 12:12 PM
To: [log in to unmask]<mailto:[log in to unmask]>
Subject: Re: Security configuration change - Tuesday, June 2nd

They are not all related to outlook.  I received this:

[cid:[log in to unmask]]

And this from another user who had just restarted their computer:
[cid:[log in to unmask]]


Restarting seems to resolve the Outlook issues.

-Peg


From: Technology Discussion at UVM <[log in to unmask]<mailto:[log in to unmask]>> On Behalf Of Geoffrey Duke
Sent: Tuesday, June 2, 2020 12:09 PM
To: [log in to unmask]<mailto:[log in to unmask]>
Subject: Re: Security configuration change - Tuesday, June 2nd

The change is only involved in authentication. I don’t think hyperlinks would be affected at all. Is it possible that folks are having network-related problems? Is this all in the context of Outlook?

—Geoff

From: Technology Discussion at UVM <[log in to unmask]<mailto:[log in to unmask]>> On Behalf Of Peg Hunt
Sent: Tuesday, June 2, 2020 11:52 AM
To: [log in to unmask]<mailto:[log in to unmask]>
Subject: Re: Security configuration change - Tuesday, June 2nd

Hi,

I’ve got people suddenly having a host of connectivity issues: Outlook, hyperlinks not working anymore, access to various systems… Could that be related to these changes?

Thanks,
Peg

PEG HUNT
Technical Support Specialist

University of Vermont
194 So. Prospect Street
Burlington, VT 05401
Voice: (802) 656-4662 | Fax: (802) 656-8611
Email: [log in to unmask]<mailto:[log in to unmask]> | Web: www.uvm.edu<http://www.uvm.edu/>

UVM is subject to the Vermont Public Records Act and communications to and from this email
address, including attachments, are subject to disclosure unless exempted under the
Act or otherwise applicable law.



From: Technology Discussion at UVM <[log in to unmask]<mailto:[log in to unmask]>> On Behalf Of Geoffrey Duke
Sent: Thursday, May 28, 2020 5:40 PM
To: [log in to unmask]<mailto:[log in to unmask]>
Subject: Security configuration change - Tuesday, June 2nd

Hi, folks,

ETS is working to increase the security of network communications among devices that connect to the Campus Domain. As part of this effort, we will be disallowing legacy authentication protocols in the coming weeks. Although all current Windows devices already support and negotiate the use of NTLMv2 (when unable to use Kerberos), and we haven’t found any problems among the Linux and macOS systems we’ve tested, other operating systems and legacy devices may depend on older protocols. So, out of an abundance of caution, we will make these changes in a stepwise fashion.

What’s changing and when?

On Tuesday, June 2nd (next week), we will change domain policy to require Windows client devices to use NTLMv2, disallowing LM and NTLM. Because all the devices receiving this policy already prefer NTLMv2, we don’t anticipate this creating any problems.

On Tuesday, June 16th, we will change the policy on the domain controllers to disallow authentication using the LM protocol. Our domain controllers don’t store this protocol’s password hash, and so folks aren’t actively using the protocol anyway. Again, we don’t anticipate this change creating any problems.

To ensure adequate testing of network and domain attached devices during this period of limited on-campus presence, we will wait before scheduling a subsequent policy change to disable NTMLv1 authentication. (We’re hoping for early July, though 😉).

Please let me know if you have any questions ,

—Geoff

Geoffrey Duke  [He/Him]
802.656.1172 | Sr Systems Administrator | Enterprise Technology Services | University of Vermont