How to enable NTLMv2 Authentication in Sentinel 6

  • 3191014
  • 22-Jan-2008
  • 26-Apr-2012


Sentinel 6.0.xx Sentinel Server
Sentinel 6.0.xx


For security reasons it may be desirable to use NTLM v2 for windowsauthentication to a Microsoft environment. The Security Technical Implementation Guide (STIG) from the United States Department of Defense (DoD) states NTLM v2 should be used as well. Once the Microsoft side is configured properly to use this protocol the Sentinel components can also be configured to do the same. This TID is written specifically for Sentinel 6.0 SP2 and may apply to future versions until this is the default configuration for a Microsoft windows environment.


Be sure Sentinel 6.0 SP2 or later is applied to all Sentinel servers before taking the following steps. These steps should be applied to all servers running Sentinel.

1. - Create a new file called in the $ESEC_HOME/config directory with the following two lines (be sure permissions are appropriate for this file like the others in the same directory):


2. - Backup the $ESEC_HOME/config/configuration.xml file. When completed add the following switch to each DAS process's definition at some point BEFORE the JAR file is specified (-jar):


The filename specified in the configuration option listed above should refer to the properties file created in step 1. An example of an updated process definition is in the Additional Notes section. This is only a sample from a configured system and should not be used directly as some parameters may differ from your own environment.

3. - Restart all Sentinel services.

Additional Information

To implement NTLM v2 in Microsoft Active Directory (MAD) and Microsoft windows see

A sample process definition from configuration.xml with the changes applied:
-Desecurity.jdbc.config.file=../config/ -jar ../lib/ccsbase.jar ..//config//das_query.xml" min_instances="1" name="DAS_Query" post_startup_delay="20" type="container" working_directory="$(ESEC_HOME)/data"/>