|Component:||Microsoft Exchange Proxy|
|Message:||Microsoft Exchange Server has detected that NTLM-based authentication is presently being used between this server and server ‘<<%1>>‘. NTLM is still a secure authentication mechanism and protects users’ credentials. However, this indicates that there may be a configuration issue preventing the use of Kerberos authentication. If this condition persists, please verify that server ‘%1’ is properly configured to use Kerberos authentication.After applying any changes it may be necessary to restart Internet InformationServices on both the front-end and back-end servers.|
This event may be logged on an Exchange Server 2003 server configured as a front-end server when both of the following conditions are true:
This event may also be logged by a front-end server that is communicating with a back-end server where either or both servers have Integrated Windows authentication disabled.
If the back-end server is running Exchange 2003, make sure that Integrated Windows authentication is enabled for both the front-end and back-end servers. If the back-end server is running Exchange 2000 Server, this event can be safely ignored. If the attempt to use Kerberos authentication between an Exchange 2003 front-end server and an Exchange 2000 back-end server fails, NTLM authentication will be used.
You can also examine the IIS metabase on the back-end server to verify that the NTAuthenticationProviders value is set to Negotiate,NTLM. This value enables both NTLM and Kerberos. In this scenario, if an Exchange front-end server tries to use Kerberos with the back-end server and fails for any reason, the front-end server can fall back to using NTLM for authentication.
For details, see the following articles in the Microsoft Knowledge Base: