NTLM Authentication Failing once Domain Controller was upgraded to Windows Server 2016. Application server is running Server 2012 R2. We have one domain controller left on 2012, NTLM works fine on that controller. When I switch to one of the 2016 servers, it fails. It seems that this may be the issue:
https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls (thanks to RichM for identifying this back in 2019).
What I would like to know is this: if I upgrade my application server to Windows Server 2016, will that fix my issue as well or will I have the same issues as with a an app server on 2012 R2?