2

401 Unauthorized when Exchange Server NtlmMinClientSec is set to 128bit (0x20000000)

401 Unauthorized when Exchange Server NtlmMinClientSec is set to 128bit (0x20000000).

Please support stronger encryption. 

1 reply

EM

Hi Support_tp,

I am also getting 401 Unauthorized on Android and found your post above, so I started digging a little in order to better understand:

On Windows Server 2016, 2019 and 2022 the default value NtlmMinClientSec is 0x20000000 and is the default value set by the local security policy, allowing only 128 Bit.

Setting the value to 0 by disabling 128 Bit in the corresponding setting of the local policy doesn't help, as 0 defaults to the operating systems default, which in turn is 128 Bit unless changed.

Enabling NTLMv2 and 128 Bit in the local policy will set the value to 0x20080000 which doesn't help either.

I also tried setting the value to 0x80000000 which allows 56 Bit connections, but that didn't help.

So I reverted back to requesting 128 Bit.

Also there is a value called NtlMinServerSec which is also set to 128 Bit by the default value of the local policy. I didn't touch that setting.

Which setting made it work for you?