Shared folders are not loger accessible after disabling NTLM on domain

Copper Contributor



To secure my ad environment from NTLM vulnerabilities, i disabled NTLM on domain via GPO, but all shared folders on servers becomes inaccessible access domain controller shared folders.


As i understand, it supposed that smb access must use Kerberos by default instead of NTLM.


My environment is Windows server 2016, Windows 10 clients.

1 Reply

I think the problem is that i used the ip adresse of file server instead of hostname or FQDN.

From :
To use Kerberos authentication in an application, you must specify the DNS name of the server, instead of its IP address. If you specify an IP address when connecting to your resources, NTLM authentication will be used.