Policy

Configure SIP security mode

When Lync connects to the server, it supports various authentication mechanisms. This policy allows the user to specify whether Digest and Basic authentication are supported. Disabled (default): NTLM/Kerberos/TLS-DSK/Digest/Basic Enabled: Authentication mechanisms: NTLM/Kerberos/TLS-DSK Gal Download: Requires HTTPS if user is not logged in as an internal user.

Policy
Pack Microsoft Office
Category Skype for Business 2016 / Microsoft Lync Feature Policies
Policy ID 352c89529632
Internal name L_PolicyEnableSIPHighSecurityMode_1

Registry

Copy registry mappings

HKLM\software\policies\microsoft\office\16.0\lync\enablesiphighsecuritymode (enabled) = 1
HKLM\software\policies\microsoft\office\16.0\lync\enablesiphighsecuritymode (disabled) = 0
HKCU\software\policies\microsoft\office\16.0\lync\enablesiphighsecuritymode (enabled) = 1
HKCU\software\policies\microsoft\office\16.0\lync\enablesiphighsecuritymode (disabled) = 0

Policy notes

When Lync connects to the server, it supports various authentication mechanisms. This policy allows the user to specify whether Digest and Basic authentication are supported. Disabled (default): NTLM/Kerberos/TLS-DSK/Digest/Basic Enabled: Authentication mechanisms: NTLM/Kerberos/TLS-DSK Gal Download: Requires HTTPS if user is not logged in as an internal user.

Related policies

Additional server versions supportedAllow storage of user passwordsConfigure SIP compression modeDisable automatic upload of sign-in failure logsDisable HTTP fallback for SIP connectionDisable server version checkEnable using BITS to download Address Book Service files