Server type or GPO | Default value |
---|---|
Default Domain Policy | Not defined |
Default Domain Controller Policy | Not defined |
Stand-Alone Server Default Settings | Enabled |
DC Effective Default Settings | Enabled |
Member Server Effective Default Settings | Enabled |
Client Computer Effective Default Settings | Enabled |
Setting | Description | Registry security level |
---|---|---|
Send LM & NTLM responses | Client devices use LM and NTLM authentication, and they never use NTLMv2 session security. Domain controllers accept LM, NTLM, and NTLMv2 authentication. | 0 |
Send LM & NTLM – use NTLMv2 session security if negotiated | Client devices use LM and NTLM authentication, and they use NTLMv2 session security if the server supports it. Domain controllers accept LM, NTLM, and NTLMv2 authentication. | 1 |
Send NTLM response only | Client devices use NTLMv1 authentication, and they use NTLMv2 session security if the server supports it. Domain controllers accept LM, NTLM, and NTLMv2 authentication. | 2 |
Send NTLMv2 response only | Client devices use NTLMv2 authentication, and they use NTLMv2 session security if the server supports it. Domain controllers accept LM, NTLM, and NTLMv2 authentication. | 3 |
Send NTLMv2 response only. Refuse LM | Client devices use NTLMv2 authentication, and they use NTLMv2 session security if the server supports it. Domain controllers refuse to accept LM authentication, and they will accept only NTLM and NTLMv2 authentication. | 4 |
Send NTLMv2 response only. Refuse LM & NTLM | Client devices use NTLMv2 authentication, and they use NTLMv2 session security if the server supports it. Domain controllers refuse to accept LM and NTLM authentication, and they will accept only NTLMv2 authentication. | 5 |
Server type or GPO | Default value |
---|---|
Default Domain Policy | Not defined |
Default Domain Controller Policy | Not defined |
Stand-Alone Server Default Settings | Send NTLMv2 response only |
DC Effective Default Settings | Send NTLMv2 response only |
Member Server Effective Default Settings | Send NTLMv2 response only |
Client Computer Effective Default Settings | Not defined |