Subject: How to create NTLMv2 computer account?
Author: authen
Posted on: 05/06/2014 10:51:36 PM
For NTLMv2 to work, a computer account on which you run NTLMv2 service is required for security reason. This is due to the fact that NTLM is a man-in-the-middle authentication service which relies on Domain Controller (DC) to authenticate the incoming client. In order for NTLM to be capable of acting as the middle man to be trusted by client, NTLM should authenticated itself to DC first and thereafter a computer/service account is required since version 2.
Open Active Directory Users and Computers console
Right click on "CN=Computers" under DC=<domain>
Choose 'New' and then click on 'Computer'
Follow the wizard to finish.
Note: If your physical computer belongs to an AD domain, the domain controller should have already generated a computer account which can be found under "CN=Computers, DC=<domain>" in AD. This physical computer account can be used as NTLMv2 service account of course.
Replies:
References:
