So here is the $10,000 question for the day. I have discovered that all of the authentication traffic coming from my polling engines to my monitored nodes (domain controllers) is using NTLM. My first question is: Why is NTLM being used vs. Kerberos. My polling engines are in the same domain? Question #2 is: How would one go about tweaking things so only Kerberos is used by the SolarWinds service account when authenticating to a node for monitoring purposes?
Any insight on this would be most appreciated
Thanks in advance