UI Translation

Network security: Restrict NTLM: NTLM authentication in this domain This policy setting allows you to deny or allow NTLM ...

Network security: Restrict NTLM:  NTLM authentication in this domain

This policy setting allows you to deny or allow NTLM authentication within a domain from this domain controller. This policy does not affect interactive logon to this domain controller.

If you select "Disabled" or do not configure this policy setting, the domain controller will allow all NTLM pass-through authentication requests within the domain.

If you select "Deny for domain accounts to domain servers" the domain controller will deny all NTLM authentication logon attempts to all servers in the domain that are using domain accounts and return an NTLM blocked error unless the server name is on the exception list in the "Network security: Restrict NTLM: Add server exceptions for NTLM authentication in this domain" policy setting.

If you select "Deny for domain account" the domain controller will deny all NTLM authentication logon attempts from domain accounts and return an NTLM blocked error unless the server name is on the exception list in the "Network security: Restrict NTLM:  Add server exceptions for NTLM authentication in this domain" policy setting.

If you select "Deny for domain servers" the domain controller will deny NTLM authentication requests to all servers in the domain and return an NTLM blocked error unless the server name is on the exception list in the "Network security: Restrict NTLM: Add server exceptions for NTLM authentication in this domain" policy setting.

If you select "Deny all," the domain controller will deny all NTLM pass-through authentication requests from its servers and for its accounts and return an NTLM blocked error unless the server name is on the exception list in the "Network security: Restrict NTLM: Add server exceptions for NTLM authentication in this domain" policy setting.

This policy is supported on at least Windows Server 2008 R2.

Note: Block events are recorded on this computer in the "Operational" Log located under the Applications and Services Log/Microsoft/Windows/NTLM.
Network security: Restrict NTLM: Add server exceptions in this domain This policy setting allows you to create an exception ... Network security: Restrict NTLM: Audit Incoming NTLM Traffic This policy setting allows you to audit incoming NTLM traffic. ... Network security: Restrict NTLM: Audit NTLM authentication in this domain This policy setting allows you to audit NTLM authentication ... Network security: Restrict NTLM: Incoming NTLM traffic This policy setting allows you to deny or allow incoming NTLM traffic. ... Network security: Restrict NTLM: NTLM authentication in this domain This policy setting allows you to deny or allow NTLM ... Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers This policy setting allows you to deny or audit ... Network State Change Fired New Internet Connection Profile: %1 Connection Cost Changed: %2 Domain Connectivity Level Changed: ... Network traffic related to notifications was attributed to the following AppUserModelId: %1. %2 NotificationType %3 Size ... Network Unlock can only be disabled within the BitLocker Drive Encryption group policy setting "Allow network unlock at startup", ...
English
English (United States) Deutsch (Deutschland)
German (Germany) Español (España)
Spanish (Spain) Français (France)
French (France) italiano
Italian 日本語
Japanese 한국어
Korean Português
Portuguese Русский
Russian