For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base: How to back up and restore the registry in Windows. In Windows NT 4. Click Start , click Run , type regedt32 , and then click OK. Expand the following registry subkeys, and then view the value that is assigned to the RestrictAnonymous entry:.
Expand the following registry subkeys, and then view the value that is assigned to the LM Compatibility entry:. Expand the following registry subkeys, and then view the value that is assigned to the EnableSecuritySignature server entry:. Expand the following registry subkeys, and then view the value that is assigned to the RequireSecuritySignature server entry:. Expand the following registry subkeys, and then view the value that is assigned to the RequireSignOrSeal entry:.
Expand the following registry subkeys, and then view the value that is assigned to the SealSecureChannel entry:.
Expand the following registry subkeys, and then view the value that is assigned to the SignSecureChannel entry:. Expand the following registry subkeys, and then view the value that is assigned to the RequireStrongKey entry:.
Make sure that the Everyone group is in the Access this computer from the network list. Verify that there are no principle groups in the Deny access to this computer from the network list, and then click OK. For example, make sure that Everyone, Authenticated Users, and other groups, aren't listed. To verify the required user rights on a Windows NT Server 4. In the Right list, click Access this computer from the network. If a trust is set up between the domains, but you can't add principle user groups from one domain to the other because the dialog box doesn't locate the other domain objects, the "Pre-Windows compatible access" group may not have the correct membership.
On the Windows based domain controllers and the Windows Server based domain controllers, make sure that the required group memberships are configured. Stay on top of the latest WS2K3 tips and tricks with our free Windows Server newsletter, delivered each Wednesday.
Automatically sign up today! Editor's Picks. The best programming languages to learn in Check for Log4j vulnerabilities with this simple-to-use script. TasksBoard is the kanban interface for Google Tasks you've been waiting for. Privacy policy. Allowing old NT4 cryptography algorithms could be a serious security risk, and could be a signal that in the environment there might still be very old and unsecure hardware or software being used like NT4 or older SAMBA SMB clients..
Besides, all currently supported OS don't even honor this setting anymore. Any security-channel-dependent operation that is initiated by clients running older versions of the Windows operating system or running non-Microsoft operating systems that do not support strong cryptographic algorithms will fail against a domain controller that runs Windows Server , Windows Server R2 or Windows Server with default settings.
Can you help us improve? Resolved my issue. Clear instructions. Easy to follow. No jargon. Pictures helped. Didn't match my screen. Incorrect instructions. Too technical. Not enough information. Not enough pictures. Any additional feedback? Submit feedback.
Thank you for your feedback!
0コメント