Policy
Disallow Negotiate authentication
Windows 11 25H2
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows10, Windows10RT, Windows11, Windows7, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2008, WindowsServer2012, WindowsServer2012R2, WindowsServer2016, WindowsVista
This policy setting allows you to manage whether the Windows Remote Management (WinRM) client uses Negotiate authentication. If you enable this policy setting, the WinRM client does not use Negotiate authentication. If you disable or do not configure this policy setting, the WinRM client uses Negotiate authentication.
Registry values
How enabled and disabled states update the registry.
| Registry location | Type | Enabled value | Disabled value |
|---|---|---|---|
| HKLM\Software\Policies\Microsoft\Windows\WinRM\Client\AllowNegotiate | REG_DWORD | 0 | 1 |
Policy elements
Inputs and configuration options exposed by this policy.
This policy has no additional user input fields.
Other policies in this category
Explore related policies at the same level.
- ComputerAllow Basic authenticationAt least Windows Vista
- ComputerAllow CredSSP authenticationAt least Windows Vista
- ComputerAllow unencrypted trafficAt least Windows Vista
- ComputerDisallow Digest authenticationAt least Windows Vista
- ComputerDisallow Kerberos authenticationAt least Windows Vista
- ComputerTrusted HostsAt least Windows Vista