Gets or sets a value that indicates whether NTLM authentication should be allowed as Windows SSPI Negotiate authentication.
Assembly: System.ServiceModel (in System.ServiceModel.dll)
Setting this property to true allows authentication to downgrade to NTLM if Kerberos is not available.
Setting this property to false causes Windows Communication Foundation (WCF) to make a best-effort to throw an exception if NTLM is used. Note that setting this property to false may not prevent NTLM credentials from being sent over the wire.
Certain deployments such as workgroups and local accounts require NTLM authentication. Setting this flag to false in such deployments result in authentication failures when using WCF. In a deployment that requires mutual authentication (only supported by Kerberos), set this flag to false.
NTLM (Windows NT LAN Manager) is the authentication protocol used on networks that include systems running the Windows NT operating system, and on stand-alone systems.
The Microsoft Kerberos security package adds greater security than NTLM to systems on a network. Although Microsoft Kerberos is the protocol of choice, NTLM is still supported and must be used for network authentication if the network includes systems running versions of Windows NT 4.0 and earlier, and on stand-alone systems.
- Full trust for the immediate caller. This member cannot be used by partially trusted code. For more information, see Using Libraries from Partially Trusted Code.
Windows 7, Windows Vista, Windows XP SP2, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003
The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.