Hi Team,
We have received below query from a customer. Could you please help us on it.
It looks like our current Group Policy is forcing NTLM v1, and SMB requests to a new Linux server are being rejected – it wants to negotiate at NTLM v2.
I can tell you what it looks like in the Local Security Policy, though the working may be different when you update GP.
The LSP name is Network security: LAN Manager authentication level, and the current value is Send NTLM response only. We’d like this changed to Send NTLMv2 reponse only.
Before we do so, I have a few questions.
First, will this impact AD authentication? I know that AD can require NTLM, but I want to make sure that there’s nothing in place in our domain that would break that.
Second, we’d like to try and limit this GP change to a very small subset of users – can we limit a computer policy change to users, or would we need to target workstations?