Require Encryption
Jump to overview

Policy overview

Key metadata and intent for this policy.

Computer
Category
Network > Lanman Workstation
Supported on
At least Windows Server 2022, Windows 11

Supported OS tags: Windows11, WindowsServer2022

This policy controls whether the SMB client will require encryption. If you enable this policy setting, the SMB client will require the SMB server to support encryption and encrypt the data. If you disable or do not configure this policy setting, the SMB client will not require encryption. However, SMB encryption may still be required; see notes below. Note: This policy is combined with per-share, per-server, and per mapped drive connection properties, through which SMB encryption may be required. The SMB server must support and enable SMB encryption. For example, should this policy be disabled (or not configured), the SMB client may still perform encryption if an SMB server share has required encryption. Important: SMB encryption requires SMB 3.0 or later

Internal name
Pol_RequireEncryption
Policy ID
d4b99b62d21b
Elements
0

Registry values

How enabled and disabled states update the registry.

ScopeRegistry locationTypeEnabled valueDisabled valueCopy
Computer
Path
Software\Policies\Microsoft\Windows\LanmanWorkstation
Value name
RequireEncryption
REG_DWORD
HKLM
1
HKLM
0
Registry location
Type REG_DWORD · Computer
Path
Software\Policies\Microsoft\Windows\LanmanWorkstation
Value name
RequireEncryption
Hive
HKLM
Enabled value
1
Disabled value
0

Policy elements

Inputs and configuration options exposed by this policy.

This policy has no additional user input fields.