Network security: Minimum session security for NTLM SSP based (including secure RPC) clients

Network security: Minimum session security for NTLM SSP based (including secure RPC) clients

This security setting allows a client to require the negotiation of 128-bit encryption and/or NTLMv2 session security. These values are dependent on the LAN Manager Authentication Level security setting value. The options are:

Require NTLMv2 session security: The connection will fail if NTLMv2 protocol is not negotiated.
Require 128-bit encryption: The connection will fail if strong encryption (128-bit) is not negotiated.

Default: No requirements.

Policy path: 

Computer Configuration\Windows Settings\Local Policies\Security Options

Comments: 

Warning: This setting will apply to any computers running Windows 2000 through changes in the registry but the security setting will not be viewable through the Security Configuration Manager tool set. For more information, search for "Security Setting De

Supported on: 

At least Windows XP SP2, Windows Server 2003

Registry settings: 

MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinClientSec

Reboot required: 

No

Related content