From dd40bf4f9ccf3d1d6fd0019edc32f7e289110c1d Mon Sep 17 00:00:00 2001
From: yasalkar <yasalkar@qualys.com>
Date: Mon, 11 May 2020 22:44:51 +0530
Subject: [PATCH 1/4] Please add this policy setting.

---
 ...policy-csp-localpoliciessecurityoptions.md | 71 +++++++++++++++++++
 1 file changed, 71 insertions(+)

diff --git a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
index 9263511ddf..ed5184af57 100644
--- a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
+++ b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
@@ -111,6 +111,9 @@ manager: dansimp
   <dd>
     <a href="#localpoliciessecurityoptions-networksecurity-lanmanagerauthenticationlevel">LocalPoliciesSecurityOptions/NetworkSecurity_LANManagerAuthenticationLevel</a>
   </dd>
+  <dd>
+    <a href="#localpoliciessecurityoptions-networksecurity-minimumsessionsecurityforntlmsspbasedclients">LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedClients</a>
+  </dd>
   <dd>
     <a href="#localpoliciessecurityoptions-networksecurity-minimumsessionsecurityforntlmsspbasedservers">LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedServers</a>
   </dd>
@@ -2385,6 +2388,74 @@ GP Info:
 
 <hr/>
 
+<!--Policy-->
+<a href="" id="localpoliciessecurityoptions-networksecurity-minimumsessionsecurityforntlmsspbasedclients"></a>**LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedClients**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Network security: Minimum session security for NTLM SSP based (including secure RPC) clients
+
+This security setting allows a client device to require the negotiation of 128-bit encryption and/or NTLMv2 session security. These values are dependent on the LAN Manager Authentication Level security setting value. The options are:
+
+Require NTLMv2 session security: The connection will fail if message integrity is not negotiated.
+Require 128-bit encryption. The connection will fail if strong encryption (128-bit) is not negotiated.
+
+Default:
+
+Windows XP, Windows Vista, Windows 2000 Server, Windows Server 2003, and Windows Server 2008: No requirements.
+
+Windows 7 and Windows Server 2008 R2: Require 128-bit encryption
+
+<!--/Description-->
+<!--RegistryMapped-->
+GP Info:  
+-   GP English name: *Network security: Minimum session security for NTLM SSP based (including secure RPC) clients*
+-   GP path: *Windows Settings/Security Settings/Local Policies/Security Options*
+
+<!--/RegistryMapped-->
+<!--/Policy-->
+
+<hr/>
+
 <!--Policy-->
 <a href="" id="localpoliciessecurityoptions-networksecurity-minimumsessionsecurityforntlmsspbasedservers"></a>**LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedServers**  
 

From b698fc68b45124dbb5f7f67a2a33d78ce7aefcf1 Mon Sep 17 00:00:00 2001
From: yogeshasalkar <50020908+yogeshasalkar@users.noreply.github.com>
Date: Tue, 12 May 2020 04:34:41 +0000
Subject: [PATCH 2/4] Update
 windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md

Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 .../mdm/policy-csp-localpoliciessecurityoptions.md              | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
index ed5184af57..ae3db17fd9 100644
--- a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
+++ b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
@@ -2437,7 +2437,7 @@ Network security: Minimum session security for NTLM SSP based (including secure
 This security setting allows a client device to require the negotiation of 128-bit encryption and/or NTLMv2 session security. These values are dependent on the LAN Manager Authentication Level security setting value. The options are:
 
 Require NTLMv2 session security: The connection will fail if message integrity is not negotiated.
-Require 128-bit encryption. The connection will fail if strong encryption (128-bit) is not negotiated.
+Require 128-bit encryption: The connection will fail if strong encryption (128-bit) is not negotiated.
 
 Default:
 

From 8099e145a664d53cb8e44135addcafc6791110bf Mon Sep 17 00:00:00 2001
From: yogeshasalkar <50020908+yogeshasalkar@users.noreply.github.com>
Date: Tue, 12 May 2020 04:40:52 +0000
Subject: [PATCH 3/4] Update
 windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md

Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 .../mdm/policy-csp-localpoliciessecurityoptions.md              | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
index ae3db17fd9..8eafd4ee9b 100644
--- a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
+++ b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
@@ -2443,7 +2443,7 @@ Default:
 
 Windows XP, Windows Vista, Windows 2000 Server, Windows Server 2003, and Windows Server 2008: No requirements.
 
-Windows 7 and Windows Server 2008 R2: Require 128-bit encryption
+Windows 7 and Windows Server 2008 R2: Require 128-bit encryption.
 
 <!--/Description-->
 <!--RegistryMapped-->

From 72a589b35a5126a96e2278be0f730e0bba09ca95 Mon Sep 17 00:00:00 2001
From: Manika Dhiman <v-madhi@microsoft.com>
Date: Tue, 12 May 2020 15:06:22 -0700
Subject: [PATCH 4/4] Update policy-csp-localpoliciessecurityoptions.md

---
 .../mdm/policy-csp-localpoliciessecurityoptions.md          | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
index 8eafd4ee9b..1e8a860af4 100644
--- a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
+++ b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
@@ -2432,12 +2432,12 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-Network security: Minimum session security for NTLM SSP based (including secure RPC) clients
+Network security: Minimum session security for NTLM SSP based (including secure RPC) clients.
 
 This security setting allows a client device to require the negotiation of 128-bit encryption and/or NTLMv2 session security. These values are dependent on the LAN Manager Authentication Level security setting value. The options are:
 
-Require NTLMv2 session security: The connection will fail if message integrity is not negotiated.
-Require 128-bit encryption: The connection will fail if strong encryption (128-bit) is not negotiated.
+- Require NTLMv2 session security: The connection will fail if message integrity is not negotiated.
+- Require 128-bit encryption: The connection will fail if strong encryption (128-bit) is not negotiated.
 
 Default: