Technote (FAQ)
Question
Hyper-V test connections fails with
"An error occurred during authentication to https://<server>:<port>/wsman.
Improper type 2 (challenge) message retrieved.
Negotiate authentication scheme not enabled on the server side? "
Cause
NTLM v1 maybe disabled.
Answer
To check if Hyper-V NTLM v1 was manually disabled on the problematic Hyper-V host, do the following :
1.) Open a Group Policy Editor on the hyper-v host ('gpedit' command)
2.) Go to: Computer Configuration -> Windows Settings -> Security
Settings -> Local Polices -> Security Options
3.) On the displayed list (on the right side) locate the following entries:
a.) 'LAN Manager authentication level' and change its value to 'Send LM & NTLM - use NTLMv2 session security if negotiated' if it is set otherwise (the default value)
b.) 'Minimum session security for NTLM SSP based (including secure
RPC) clients' and uncheck/unselect the 'Require NTLMv2 session security' option
in 'Properties' panel
c.) 'Minimum session security for NTLM SSP based (including secure
RPC) servers' and uncheck/unselect the 'Require NTLMv2 session security' option
in 'Properties' panel
Retry connection to Hyper-v .
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.