First published on MSDN on Mar 26, 2018
I was assisting a customer just the other day who was having a dejavu of removing Negotiate from IIS Windows Authentication. After clicking the "Remove" button, if he restarted the machine, the Negotiate would reappear!
This is because the setting is by default locked. You need to do from the IIS Configuration Editor.
Here is how to do it:
Open IIS Manager (just type inetmgr.exe on your Start--->Run)
Select "Configuration Editor" under management
Change the Section to
Click on the
item, and then click
on the right. Select the "Negotiate" item and click "Remove":
Alternately, you can do it from the command line as follows:
appcmd.exe set config "Virtual/path/to/application" -section:system.webServer/security/authentication/windowsAuthentication /-"providers.[value='Negotiate']" /commit:apphost