Regarding RDP, does the RDS Licensing service use only NTLM when connecting from RDS host -> separate license server?
With NTLM in/out blocked on an all-in-one RDS host that contains the license server (2019), it works fine, but if a second (2019) session host server (in the same domain) uses that license server, any time it tries to issue a new user-based license, it attempts NTLM to the license server. Enabling the Security-Kerberos log in Event Viewer doesn't show it attempting/failing Kerberos. From the NTLM log, it attempts NTLM with target server HOST/licenseservername.domain.example and the supplied user is the computer account RDSHOSTNAME$. After the user has logged in twice (license is issued), it allows logging in (no license error) without sending NTLM to the license server (presumably until the user's issued license needs to be renewed).
Update: after installing the 2024-01 cumulative update for Windows Server 2019 and .NET on the second session host and the license server/first session host, so far the licensing seems to be working now without NTLM? The servers were previously on the 2023-12 cumulative update when I posted this comment originally.