CLI Reference Guide

aaa authentication stateful-ntlm

This command configures stateful NT LAN Manager (NTLM) authentication.

Parameter Description Range Default

stateful NTLM authentication profile to configure a controller to monitor the NTLM authentication messages

between clients and an authentication server. The controller can then use the information in the Server Message

Block (SMB) headers to determine the client's username and IP address, the server IP address and the client's current

authentication status. If the client successfully authenticates via an NTLM authentication server, the controller can

recognize that the client has been authenticated and assign that client a specified user role. When the user logs off

or shuts down the client machine, the user will remain in the authenticated role until the user’s authentication is

aged out.

The Stateful NTLM Authentication profile requires that you specify a server group which includes the servers

performing NTLM authentication, and a default role to be assigned to authenticated users. For details on defining a

windows server used for NTLM authentication, see aaa authentication-server windows.

Command introduced in ArubaOS 3.4.1