Allow Insecure NETLOGON for Backward Compatibility
For some users, the domain controller is configured in such a way that the AES algorithm is not supported for NETLOGON and hence, ends up creating an insecure NETLOGON channel.
In order to avoid the unintentional creation of such an insecure NETLOGON Channel, we have an option in the “Windows Join Domain” dialog to choose explicitly. By default, the checkbox will not be selected.
Configure Insecure NETLOGON
- Select Configuration | Appliances.
- On the appliances tree, select the appliance you want to join and click Windows Domain Memberhship.
A list of domains appears on the settings pane. It is initially empty.
- Click Join to enter a domain into the list.
The Join Domain window opens.
- Configure a domain name, a domain controller, and other settings in the window.
- Select Allow Insecure Netlogon option to allow the Insecure NETLOGON Channel for backward compatibility with the Windows Domain controller until security hardening is enforced
- Click OK.