deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 05:47:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #10647 from michaelAngeloEgypt/patch-17

Browse Source 
#10420
This commit is contained in:
Aaron Czechowski 2022-07-12 17:47:04 -07:00 committed by GitHub
commit 6a17ff95f1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md
View File

@ -47,9 +47,13 @@ When you enable this audit policy, it functions in the same way as the **Network
The domain controller will log events for NTLM authentication logon attempts that use domain accounts when NTLM authentication would be denied because the **Network security: Restrict NTLM: NTLM authentication in this domain** policy setting is set to **Deny for domain accounts**. The domain controller will log events for NTLM authentication logon attempts that use domain accounts when NTLM authentication would be denied because the **Network security: Restrict NTLM: NTLM authentication in this domain** policy setting is set to **Deny for domain accounts**.
- Not defined - **Enable for domain servers**
This is the same as **Disable** and results in no auditing of NTLM traffic. The domain controller will log events for NTLM authentication requests to all servers in the domain when NTLM authentication would be denied because the **Network security: Restrict NTLM: NTLM authentication in this domain** policy setting is set to **Deny for domain servers**.
- **Enable all**
The domain controller on which this policy is set will log all events for incoming NTLM traffic.
### Best practices ### Best practices