Users can enable Windows Management Instrumentation (WMI) Authentication Protocol for device authentication by selecting NTLM and/or Kerberos in the General Settings dialog. Kerberos offers a more secure authentication method, however it may require changes on your network devices and/or domain controller to ensure proper functionality. Primarily, this means ensuring each device's host name in WhatsUp Gold matches its Service Principal Name (SPN) in the domain. Please note, when both options are enabled, WhatsUp Gold will authenticate devices using Kerberos first and only use NTLM if Kerberos fails.

Please note, devices must have the following to be compatible in a Kerberos-configured environment:

  • Devices whose host names in WhatsUp Gold match their Service Principal Names (SPN) in the domain.
  • Devices must be joined to a domain.
  • Devices with Windows domain account credentials.

Disabling NTLM will prevent WMI access to devices that do not meet this criteria.

Note: Windows Event Log passive monitors use NTLM for WMI Authentication independent of the WMI Authentication method selected in the General Settings dialog.