eSafe Proxy with NTLM v2.0
- 1. Open the Group Policy Editor with gpedit.msc;
- 2. Go to Computer Configuration – Windows Settings – Security Settings – Local Policies – Security Options;
- 3. Go to the setting: Network security: LAN Manager authentication level
- 4. Change this setting to: Send LM & NTLM – use NTLMv2 session security if negotiated
- 5. Apply the policy with gpupdate /force
This should solve the problem with single sign-on on Windows Vista, Windows 7 and Windows Server 2008 R2 and higher.
Disable NetBIOS and NTLM on Windows 2003 Domain Controllers
About NTLMv1/LM ... I don't think it's a problem disabling them (maybe only if you have some very old OS on your network). Regarding NETBIOS
I think the domain controller need this functionality for the replication. Anyway, for fully disable NETBIOS and SMB check
(as you can see it's not enough to check Disable Netbios over TCP/IP from
Advanced TCP/IP settings).
Free Windows event logs reports