The outlook issues resolve when Outlook is restarted after rebooting computers, or so it seems. The other 2 items, those did not resolve when computers were rebooted.
Interesting. I’m not sure how restarting Outlook would fix an issue with accessing a website that we don’t manage. Perhaps coincidental timing?
They are not all related to outlook. I received this:
[log in to unmask]">
And this from another user who had just restarted their computer:
[log in to unmask]">
Restarting seems to resolve the Outlook issues.
The change is only involved in authentication. I don’t think hyperlinks would be affected at all. Is it possible that folks are having network-related problems? Is this all in the context of Outlook?
I’ve got people suddenly having a host of connectivity issues: Outlook, hyperlinks not working anymore, access to various systems… Could that be related to these changes?
Technical Support Specialist
University of Vermont
194 So. Prospect Street
Burlington, VT 05401
Voice: (802) 656-4662 | Fax: (802) 656-8611
UVM is subject to the Vermont Public Records Act and communications to and from this email
address, including attachments, are subject to disclosure unless exempted under the
Act or otherwise applicable law.
ETS is working to increase the security of network communications among devices that connect to the Campus Domain. As part of this effort, we will be disallowing legacy authentication protocols in the coming weeks. Although all current Windows devices already support and negotiate the use of NTLMv2 (when unable to use Kerberos), and we haven’t found any problems among the Linux and macOS systems we’ve tested, other operating systems and legacy devices may depend on older protocols. So, out of an abundance of caution, we will make these changes in a stepwise fashion.
What’s changing and when?
On Tuesday, June 2nd (next week), we will change domain policy to require Windows client devices to use NTLMv2, disallowing LM and NTLM. Because all the devices receiving this policy already prefer NTLMv2, we don’t anticipate this creating any problems.
On Tuesday, June 16th, we will change the policy on the domain controllers to disallow authentication using the LM protocol. Our domain controllers don’t store this protocol’s password hash, and so folks aren’t actively using the protocol anyway. Again, we don’t anticipate this change creating any problems.
To ensure adequate testing of network and domain attached devices during this period of limited on-campus presence, we will wait before scheduling a subsequent policy change to disable NTMLv1 authentication. (We’re hoping for early July, though 😉).
Please let me know if you have any questions ,
Geoffrey Duke [He/Him]
802.656.1172 | Sr Systems Administrator | Enterprise Technology Services | University of Vermont