Log Enhanced Domain-wide NTLM Logs

Supported OS tags: Windows11

This policy setting configures whether the domain controllers to which this setting is applied will log the new, enhanced domain-wide NTLM logs. These logs contain more information about NTLM authentication on a domain-wide level, including NTLMv1 usage. If enabled, domain controllers will log the new domain-wide NTLM logs. If disabled, domain controllers will not log the new domain-wide NTLM logs. If not configured, domain controllers will default to logging the new domain-wide NTLM logs. More information is available at aka.ms/ntlmlogandblock.

This policy has no additional user input fields.

• Computer
  Allow cryptography algorithms compatible with Windows NT 4.0

  At least Windows Vista
• Computer
  Contact PDC on logon failure

  At least Windows Server 2003 operating systems or Windows XP Professional
• Computer
  Set Netlogon share compatibility

  At least Windows Server 2003
• Computer
  Set scavenge interval

  At least Windows Server 2003 operating systems or Windows XP Professional
• Computer
  Set SYSVOL share compatibility

  At least Windows Server 2003
• Computer
  Specify expected dial-up delay on logon

  At least Windows Server 2003 operating systems or Windows XP Professional
• Computer
  Specify log file debug output level

  At least Windows Server 2003
• Computer
  Specify maximum log file size

  At least Windows Server 2003
• Computer
  Specify negative DC Discovery cache setting

  At least Windows Server 2003 operating systems or Windows XP Professional
• Computer
  Specify positive periodic DC Cache refresh for non-background callers

  At least Windows Server 2003 operating systems or Windows XP Professional
• Computer
  Specify site name

  At least Windows Server 2003 operating systems or Windows XP Professional
• Computer
  Use final DC discovery retry setting for background callers

  At least Windows Server 2003 operating systems or Windows XP Professional