Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.
NTLM
The default setting, NTLM protocol, is based on a challenge-response mechanism for client authentication. NTLM is available in Team Foundation Server to communicate with systems that are able to use only NTLM authentication.
Negotiate (Kerberos)
The Kerberos version 5 protocol is the primary security protocol for authentication within a domain. Kerberos authentication uses a service ticket system that verifies the identity of the user and of the network services. This dual verification is known as mutual authentication. The system attempts to negotiate authentication over the Kerberos protocol first, but if it is not successful, the NTLM protocol is used.
To enable Kerberos authentication, you must perform additional configuration. For more information, see this link:
Kerberos Authentication in Windows Server 2003
Keywords: vkball, kb