NTLM vs KERBEROS
Let us understand how NTLM authentication works: Step 1: User sends a request to the server passing the domain authentication credentials. Step 2: Server creates an encryption token and sends a response back to the User (User's machine) Step 3: User gets the encrypted token and uses the token to encapsulate the user's password and re sends the new information back to the server. Step 4: Server gets the encrypted password, decrypts the information and sends the information to the Domain Account Controller/Service Account Manager for verification and authentication. Step 5: The Service account manager verifies the information and informs the server that the user is either authenticated or the authentication request has been denied. Once these steps occur a connection with the server will either be established or disestablished. Key notes here is that the NTLM authentication does not require to have the server principle (SPN) established on the local machine for authentication. Th...