2.1 Transport
This protocol works over the protocol sequences specified in [MS-OXCRPC] section 2.1.
This protocol uses a well-known endpoint, 6002, for the RPC protocol sequence ncacn_http.
This protocol supports the NT LAN Manager (NTLM) Authentication Protocol (RPC_C_AUTHN_WINNT), and the Negotiate (RPC_C_AUTHN_GSS_NEGOTIATE) security providers. A Negotiate security provider determines whether to use NTLM or Kerberos authentication. The default is Kerberos. A Negotiate security provider selects NTLM authentication only in the following cases:
One of the systems that is involved in the authentication cannot use Kerberos authentication.
The client does not provide sufficient information to use Kerberos authentication.
Callers MUST be authenticated but no further authorization checks are performed.