WindowsClientCredential.AllowNtlm Property

public:
 property bool AllowNtlm { bool get(); void set(bool value); };

public bool AllowNtlm { get; set; }

[System.Obsolete("This property is deprecated and is maintained for backward compatibility only. The local machine policy will be used to determine if NTLM should be used.")]
public bool AllowNtlm { get; set; }

member this.AllowNtlm : bool with get, set

[<System.Obsolete("This property is deprecated and is maintained for backward compatibility only. The local machine policy will be used to determine if NTLM should be used.")>]
member this.AllowNtlm : bool with get, set

Public Property AllowNtlm As Boolean

Property Value

true if NTLM authentication should be allowed as Windows SSPI Negotiate authentication, false otherwise. The default is true.

Attributes

ObsoleteAttribute

Remarks

Setting this property to true allows authentication to downgrade to NTLM if Kerberos is not available.

Setting this property to false causes Windows Communication Foundation (WCF) to make a best-effort to throw an exception if NTLM is used. Note that setting this property to false may not prevent NTLM credentials from being sent over the wire.

Certain deployments such as workgroups and local accounts require NTLM authentication. Setting this flag to false in such deployments result in authentication failures when using WCF. In a deployment that requires mutual authentication (only supported by Kerberos), set this flag to false.

NTLM (Windows NT LAN Manager) is the authentication protocol used on networks that include systems running the Windows NT operating system, and on stand-alone systems.

The Microsoft Kerberos security package adds greater security than NTLM to systems on a network. Although Microsoft Kerberos is the protocol of choice, NTLM is still supported and must be used for network authentication if the network includes systems running versions of Windows NT 4.0 and earlier, and on stand-alone systems.