Can a web service provide NTLM authentication against a domain without being a domain member?
What I have is a simple Nancy web service that is self-hosted via Owin to support NTLM authentication (inspired by a gist from Damian Hickey, slightly modified). This works very well as long as the service runs on a machine that has joined the relevant domain.
Now I am looking for a way to authenticate the client via NTLM when the service is running on a machine which is not a member of any Windows domain (which I think is what is called pass-through authentication in this SSPI tutorial).
After reading many articles regarding NTLM and SSPI, I am still not sure if this scenario is possible at all.
