Policy selection for ADMX packs

Policy overview

Key metadata and intent for this policy.

ClassComputer

CategorySystem > Net Logon

Supported onAt least Windows Server 2003 operating systems or Windows XP Professional

Supported OS tags: Windows10, Windows10RT, Windows11, Windows7, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2003, WindowsServer2008, WindowsServer2012, WindowsServer2012R2, WindowsServer2016, WindowsVista, WindowsXP

This policy setting defines whether a domain controller (DC) should attempt to verify the password provided by a client with the PDC emulator if the DC failed to validate the password. Contacting the PDC emulator is useful in case the client’s password was recently changed and did not propagate to the DC yet. Users may want to disable this feature if the PDC emulator is located over a slow WAN connection. If you enable this policy setting, the DCs to which this policy setting applies will attempt to verify a password with the PDC emulator if the DC fails to validate the password. If you disable this policy setting, the DCs will not attempt to verify any passwords with the PDC emulator. If you do not configure this policy setting, it is not applied to any DCs.

Internal name

Netlogon_AvoidPdcOnWan

Policy ID

1edbfd09cb95

Elements

Registry values

How enabled and disabled states update the registry.

Registry location	Type	Enabled value	Disabled value
HKLM\Software\Policies\Microsoft\Netlogon\Parameters\AvoidPdcOnWan	REG_DWORD	0	1

Policy elements

Inputs and configuration options exposed by this policy.

This policy has no additional user input fields.

Other policies in this category

Explore related policies at the same level.

View all policies in this category