Network security: LAN Manager authentication level This security setting determines which challenge/response authentication protocol is used for network logons. This choice affects the level of authentication protocol used by clients, the level of session security negotiated, and the level of authentication accepted by servers as follows: Send LM NTLM responses: Clients use LM and NTLM authentication and never use NTLMv2 session security; domain controllers accept LM, NTLM, and NTLMv2 authentication. Send LM & NTLM - use NTLMv2 session security if negotiated: Clients use LM and NTLM authentication and use NTLMv2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLMv2 authentication. Send NTLM response only: Clients use NTLM authentication only and use NTLMv2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLMv2 authentication. Send NTLMv2 response only: Clients use NTLMv2 authentication only and use NTLMv2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLMv2 authentication. Send NTLMv2 response only efuse LM: Clients use NTLMv2 authentication only and use NTLMv2 session security if the server supports it; domain controllers refuse LM (accept only NTLM and NTLMv2 authentication). Send NTLMv2 response only efuse LM & NTLM: Clients use NTLMv2 authentication only and use NTLMv2 session security if the server supports it; domain controllers refuse LM and NTLM (accept only NTLMv2 authentication). Important This setting can affect the ability of computers running Windows 2000 Server, Windows 2000 Professional, Windows XP Professional, and the Windows Server 2003 family to communicate with computers running Windows NT 4.0 and earlier over the network. For example, at the time of this writing, computers running Windows NT 4.0 SP4 and earlier did not support NTLMv2. Computers running Windows 95 and Windows 98 did not support NTLM. Default: Windows 2000 and windows XP: send LM & NTLM responses Windows Server 2003: Send NTLM response only Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: Send NTLMv2 response only
Network security: Allow PKU2U authentication requests to this computer to use online identities. This policy will be turned ...
Network security: Configure encryption types allowed for Kerberos This policy setting allows you to set the encryption types ...
Network security: Do not store LAN Manager hash value on next password change This security setting determines if, at the ...
Network security: Force logoff when logon hours expire This security setting determines whether to disconnect users who are ...
Network security: LAN Manager authentication level This security setting determines which challenge/response authentication ...
Network security: LDAP client signing requirements This security setting determines the level of data signing that is requested ...
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients This security setting allows ...
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers This security setting allows ...
Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication This policy setting allows you to create ...