Policy

Audit SMB client SPN support

This policy controls whether the SMB server audits the Service Principal Name (SPN) provided by SMB clients during authentication. If you enable this policy setting, the SMB server will log an event whenever an SMB client doesn't send SPN or sends an invalid SPN during authentication. This audit data can help identify clients that may be incompatible with SPN validation before enforcement is enabled on SMB server. If you disable or do not configure this policy setting, the SMB server will not log the event.

Policy
Pack Microsoft Windows
Category Network / Lanman Server
Policy ID 38aef879a5d8
Internal name Pol_AuditClientSpnSupport

Registry

Copy registry mappings

HKLM\Software\Policies\Microsoft\Windows\LanmanServer\AuditClientSpnSupport (enabled) = 1
HKLM\Software\Policies\Microsoft\Windows\LanmanServer\AuditClientSpnSupport (disabled) = 0

Policy notes

This policy controls whether the SMB server audits the Service Principal Name (SPN) provided by SMB clients during authentication. If you enable this policy setting, the SMB server will log an event whenever an SMB client doesn't send SPN or sends an invalid SPN during authentication. This audit data can help identify clients that may be incompatible with SPN validation before enforcement is enabled on SMB server. If you disable or do not configure this policy setting, the SMB server will not log the event.

Related policies

Audit client does not support encryptionAudit client does not support signingAudit insecure guest logonCipher suite orderDisable SMB compressionEnable authentication rate limiterEnable remote mailslots