Disable NTML Authentication in Windows Domain
There can be multiple reasons why you may want to disable NTML Authentication in Windows Domain. Some of the most common reasons are: After knowing the reasons to disable NTML Authentication, let’s see the reasons to disable it. These are the ways by which we are going to disable NTML Authentication in Windows Domain. Let us talk about them in detail.
1] By Group Policy Editor
Before disabling NTML, we need to make sure that you are not using its most unprotected protocol i.e; NTMLv1 or NTML Version 1. This can make your domain vulnerable to attackers. Once you are done with that, follow the following method to disable NTML Authentication in Windows Domain by Group Policy Editor. To do that, open Local Group Policy Editor from the Start menu. Go to the following location. Now, double-click on Network Security: LAN Manager authentication level. Select Sent NTMLv2 response only. Refuse LM & NTML from the “Local Security Settings” tab. Click Apply > Ok and NTML authentication will be disabled on your domain.
2] By Registry Editor
If you don’t have Group Policy Editor, you can disable NTML from the Registry Editor. You can easily do that, with the help of some simple solutions. Launch Registry Editor from the Start Menu and navigate to the following location. Now, right-click on Lsa and select New > DWORD (32-bit) Value. Name it “LmCompatibilityLevel” and set Value data to 5. 5 because it corresponds to “Sent NTMLv2 response only. Refuse LM & NTML”. This way you will be able to disable NTML by Registry Editor. Read Next: Why and How to disable SMBI on Windows 10