Agents on Author Dialog Options in AEM

Question

I am not able to understand that what is the use case when we can use NTLM Domain, NTLM Host, SSL,Allow expired certs been used.

Any help will be appreciated.

Answer 1

NTLM is Microsoft's implementation of the Kerberos protocol. It is used when the author and publishers have one or more of following conditions valid:

• Not on same Windows domain.
• Don't share a common AD provider.
• Kerberos ports (for eg. 88) is blocked.
• Windows server is being accessed via IP address rather than it's host name.

NTLM is a challenge-response protocol so these NTLM host and domain names are parameters used by the protocol to identify the client (which is author server in this case) along with the user name and password.

In reality, you will never use it in a Linux environment and rarely use it in modern Windows network as you have better AD security options (like trusted domains and subnets).

SSL options are there as a workaround in situations where your publisher's HTTPS certificate has expired and you want to continue with replication. Assuming that you own the publisher server in your network, it is very likely that you will trust the publisher server's identity and ignore expired certificated until you renew them. You can also relax the SSL rules so that lower level of encryption and self signed certificates are allowed. It's normally ok for trusted networks but not recommended in general.