Force Powershell to use Kerberos instead of NTLM

calin.pavel · May 6, 2022, 3:03pm

I do have an application configured to support Kerberos authentication and doing HTTP calls to it from powershell like:

Invoke-WebRequest -V -Uri $url -Method "GET" -ErrorAction Stop -UseDefaultCredentials

If I do this call from another machine request is working fine, an Kerberos token is sent in the headers and authentication succeeds.

If I try the same request on the same machine where Web server is installed, Powershell sends automatically an NTLM token (in Authorization header) and because of that authentication fails.
I do not want to enable NTLM authentication on server.

Is there any possibility to:

force Powershell to use always Kerberos protocol?
or to disable NTLM protocol on a machine (not for entire domain)?

tbingeman · May 6, 2022, 5:08pm

Hi Calin,

Welcome to the forums! In order to ensure that people can determine what is code and what is not, please go back and format your code using the </> button. This will make your code readable and easier to digest. Please also show any error messages you are getting along with putting all the code into the post so we can see what you are trying to do. I am including a link that will help you in getting your code formatted on the forums.

Guide for formatting code

Topic		Replies	Views
Use users credentials without asking for them PowerShell Help	6	129	March 3, 2016
Enabling NTLM Authentication in FireFox PowerShell Help	1	140	March 25, 2017
Automate Invoke-Restmethod to work without asking for credentials PowerShell Help	1	141	June 27, 2016
UseDefaultCredentials option is not working powershell 4.0 PowerShell Help	0	156	July 9, 2020
Add-Computer Authentication Method PowerShell Help	3	187	October 29, 2020

Force Powershell to use Kerberos instead of NTLM

Related Topics