Policy

Log Enhanced Domain-wide NTLM Logs

This policy setting configures whether the domain controllers to which this setting is applied will log the new, enhanced domain-wide NTLM logs. These logs contain more information about NTLM authentication on a domain-wide level, including NTLMv1 usage. If enabled, domain controllers will log the new domain-wide NTLM logs. If disabled, domain controllers will not log the new domain-wide NTLM logs. If not configured, domain controllers will default to logging the new domain-wide NTLM logs. More information is available at aka.ms/ntlmlogandblock.

Policy
Pack Microsoft Windows
Category System / Net Logon
Policy ID 92fa63380af3
Internal name Netlogon_EnhancedDomainNtlmLogs

Registry

Copy registry mappings

HKLM\Software\Policies\Microsoft\Netlogon\Parameters\EnableEnhancedDomainNtlmLogs (enabled) = 1
HKLM\Software\Policies\Microsoft\Netlogon\Parameters\EnableEnhancedDomainNtlmLogs (disabled) = 0

Policy notes

This policy setting configures whether the domain controllers to which this setting is applied will log the new, enhanced domain-wide NTLM logs. These logs contain more information about NTLM authentication on a domain-wide level, including NTLMv1 usage. If enabled, domain controllers will log the new domain-wide NTLM logs. If disabled, domain controllers will not log the new domain-wide NTLM logs. If not configured, domain controllers will default to logging the new domain-wide NTLM logs. More information is available at aka.ms/ntlmlogandblock.

Related policies

Allow cryptography algorithms compatible with Windows NT 4.0Contact PDC on logon failureSet Netlogon share compatibilitySet scavenge intervalSet SYSVOL share compatibilitySpecify expected dial-up delay on logonSpecify log file debug output level