Policy

Block NTLM (LM, NTLM, NTLMv2)

Microsoft Windows

Back to Lanman WorkstationBack to main
Block NTLM (LM, NTLM, NTLMv2)
Jump to overview

Policy overview

Key metadata and intent for this policy.

Computer
Category
Network > Lanman Workstation
Supported on
At least Windows Server 2025, Windows 11

Supported OS tags: Windows11, WindowsServer2025

This policy controls if the SMB client will block NTLM for remote connection authentication. If you enable this policy setting, the SMB client won't use NTLM for remote connection authentication. If you disable or do not configure this policy setting, the SMB client can still use NTLM.

Internal name
Pol_BlockNTLM
Policy ID
5bdea4597e3e
Elements
0

Registry values

How enabled and disabled states update the registry.

ScopeRegistry locationTypeEnabled valueDisabled valueCopy
Computer
Path
Software\Policies\Microsoft\Windows\LanmanWorkstation
Value name
BlockNTLM
REG_DWORD
HKLM
1
HKLM
0
Registry location
Type REG_DWORD · Computer
Path
Software\Policies\Microsoft\Windows\LanmanWorkstation
Value name
BlockNTLM
Hive
HKLM
Enabled value
1
Disabled value
0

Policy elements

Inputs and configuration options exposed by this policy.

This policy has no additional user input fields.