Policy

Log Enhanced Domain-wide NTLM Logs

Microsoft Windows

Back to Net LogonBack to main
Log Enhanced Domain-wide NTLM Logs
Jump to overview

Policy overview

Key metadata and intent for this policy.

Computer
Category
System > Net Logon
Supported on
At least Windows 11 Version 24H2

Supported OS tags: Windows11

This policy setting configures whether the domain controllers to which this setting is applied will log the new, enhanced domain-wide NTLM logs. These logs contain more information about NTLM authentication on a domain-wide level, including NTLMv1 usage. If enabled, domain controllers will log the new domain-wide NTLM logs. If disabled, domain controllers will not log the new domain-wide NTLM logs. If not configured, domain controllers will default to logging the new domain-wide NTLM logs. More information is available at aka.ms/ntlmlogandblock.

Internal name
Netlogon_EnhancedDomainNtlmLogs
Policy ID
92fa63380af3
Elements
0

Registry values

How enabled and disabled states update the registry.

ScopeRegistry locationTypeEnabled valueDisabled valueCopy
Computer
Path
Software\Policies\Microsoft\Netlogon\Parameters
Value name
EnableEnhancedDomainNtlmLogs
REG_DWORD
HKLM
1
HKLM
0
Registry location
Type REG_DWORD · Computer
Path
Software\Policies\Microsoft\Netlogon\Parameters
Value name
EnableEnhancedDomainNtlmLogs
Hive
HKLM
Enabled value
1
Disabled value
0

Policy elements

Inputs and configuration options exposed by this policy.

This policy has no additional user input fields.