Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
SharePoint sites must not use NTLM.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-29301 | SHPT-00-000531 | SV-37822r2_rule | IAIA-1 IAIA-2 | Medium |
| Description |
|---|
| An authentication process resists replay attacks if it is impractical to achieve a successful authentication by recording and replaying a previous authentication message. Techniques used to address this include protocols using nonce's or challenges (e.g., TLS, WS_Security), and time synchronous or challenge-response one-time authenticators. SharePoint must not use NTLM in the authentication process. |
| STIG | Date |
|---|---|
| SharePoint 2010 Security Technical Implementation Guide (STIG) | 2012-10-12 |
Details
| Check Text ( C-37023r3_chk ) |
|---|
| SharePoint must be configured to not use NTLM. 1. Using IIS Manager (IIS 7), navigate to view the SharePoint Web Application sites. 2. Select a SharePoint Web Application site to review. 3. In the IIS section, double-click Authentication and then select Windows Authentication. 4. Right-click Windows Authentication and select Providers. 5. If NTLM is listed in the Enabled Providers box, this is a finding. |
| Fix Text (F-32291r5_fix) |
|---|
| 1. Using IIS Manager (IIS 7), navigate to view the SharePoint Web Application sites. 2. Select a SharePoint Web Application site to configure. 3. In the IIS section, double-click Authentication and select Windows Authentication. 4. Right-click Windows Authentication and select Providers. 5. Add Negotiate to the list in the Enabled Providers box. 6. Remove NTLM from the list in the Enabled Providers box. |