2.1 Transport

This protocol works over the protocol sequences specified in [MS-OXCRPC] section 2.1.

This protocol uses a well-known endpoint, 6002, for the RPC protocol sequence ncacn_http.

This protocol supports the NT LAN Manager (NTLM) Authentication Protocol (RPC_C_AUTHN_WINNT), and the Negotiate (RPC_C_AUTHN_GSS_NEGOTIATE) security providers. A Negotiate security provider determines whether to use NTLM or Kerberos authentication. The default is Kerberos. A Negotiate security provider selects NTLM authentication only in the following cases:

• One of the systems that is involved in the authentication cannot use Kerberos authentication.

• The client does not provide sufficient information to use Kerberos authentication.

Callers MUST be authenticated but no further authorization checks are performed.