On Tue, 29 Mar 2011 15:09:20 +0200, Fran MÃrquez wrote:
Hi,
Is the Negotiate auth protocol faster than NTLM or it also increase
(x2 or x3) the http traffic when is used?
Regards,
F.J
Negotiate is a wrapper protocol, so the answer is maybe.
In modern browsers it commonly wraps Kerberos auth. Which is more
efficient on the handshakes, has stronger hash algorithms than NTLM and
backend helpers avoid the 256 concurrency limit in winbind. So is worth
trying to use either way.
Older versions of MS software is known to wrap it around NTLM. Which
means no gains and no real difference at all.
If you try the migration and hit these old MS software problems Markus
Moeller is currently developing a wrapper helper to handle both
Negotiate/NTLM and negotiate/Kerberos.
Amos