Network security: Allow Local System to use computer identity for NTLM
|ID: oval:gov.nist.usgcb.windowsseven:def:20015||Date: (C)2012-04-13 (M)2017-10-26|
|Class: COMPLIANCE||Family: windows|
This policy setting allows Local System services that use Negotiate to use the computer identity when reverting to NTLM authentication.
If you enable this policy setting, services running as Local System that use Negotiate will use the computer identity. This might cause some authentication requests between Windows operating systems to fail and log an error.
If you do not configure this policy setting, services running as Local System that use Negotiate when reverting to NTLM authentication will authenticate anonymously. This was the behavior in previous versions of Windows.
This policy is supported on at least Windows 7 or Windows Server 2008 R2.
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Network security: Allow Local System to use computer identity for NTLM
(2) REG: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa!UseMachineId
|Microsoft Windows 7|