View Categories

NTLM Authentication Performance

1 min read

Summary #

Microsoft Windows Server by default only handles one NTLM authentication request at a time. Typically, this is not an issue on smaller networks. However, on larger networks that also have other devices that use the NTLM authentication infrastructure (like SecureSchool), the domain controllers can get backed up and cause slow browsing, or behavior where the SecureSchool authentication engine is restarting a lot and users will sporadically get authentication pop-ups.

More Information #

To fix this issue, you need to configure Microsoft Windows Server to handle more than one NTLM authentication request at a time.  We recommend setting it to 5. You need to make the change on all of your domain controllers.  Full details of what to change and where are provided by Microsoft, in Microsoft KB326040 .

  1. Start Registry Editor. To do this, click Start, click Run, type Regedt32.exe, and then click OK.
  2. Locate the following registry key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
  3. On the Edit menu, click Add Value, and then add the following registry information (where 10 represents the heaviest loads):
    • Value Name: MaxConcurrentApi
    • Data Type: REG_DWORD
    • Value: 5
  4. Restart the NETLOGON service.

References #

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

SOCIAL NETWORKS

CONTACT US

Phone: 1-877-225-0100 (toll-free) or 732-929-1485

Fax: 732-359-1522

Email: support@K12USA.com

Mail:

K12USA.com

24 Highland Bend

Island Heights, NJ 08732

JOIN OUR MAILING LIST

K12USA.com ©1999-2025