Network security: Minimum session security for NTLM SSP based (including secure RPC) servers

Network security: Minimum session security for NTLM SSP based (including secure RPC) servers

This security setting allows a server to require the negotiation of 128-bit encryption and/or NTLMv2 session security. These values are dependent on the LAN Manager Authentication Level security setting value. The options are:

Require NTLMv2 session security: The connection will fail if message integrity is not negotiated.
Require 128-bit encryption. The connection will fail if strong encryption (128-bit) is not negotiated.

Default: No requirements.

Policy path: 

Computer Configuration\Windows Settings\Local Policies\Security Options

Comments: 

Warning: This setting will apply to any computers running Windows 2000 through changes in the registry but the security setting will not be viewable through the Security Configuration Manager tool set. For more information, search for "Security Setting De

Supported on: 

At least Windows XP SP2, Windows Server 2003

Registry settings: 

MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinServerSec

Reboot required: 

No

Related content