Skip to main content

Network Security: LAN manager authentication level

In windows server 2008, if we go to Network Security: LAN manager authentication level(gpedit.msc -> Computer Configuration -> WindowsSettings -> SecuritySettings LocalPolicies -> securityoptions ) and right click on it, we cannot change the value of the authentication level. It is greyed out.

To change this we need to go to following registry entry..

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\LmCompatibilityLevel and set the value.

LmCompatibilityLevel should be

0 for Send LM & NTLM responses
1 for Send LM & NLTM - use NTLMv2 session security if negotiated
2 for Send NTLM response only
3 for Send NTLMv2 response only
4 for Send NTLMv2 response only\refuse LM
5 for Send NTLMv2 response only\refuse LM & NTLM


  1. how do i change it to: not defined????

    1. Just delete the registry entry mentioned above. I had to do it myself for testing. It worked.

  2. By default it should be Not Defined. If you changed it through the UI then Set some value like 10 in the registry key mentioned above.

  3. Thanks! I set it trying to get some software to work the way I want it and fubar'd my ability to login. :)

  4. From many days i was feeling LAN problem but now i,m clear about it after reading your blog. Thanks for sharing this. network security


Post a Comment

Popular posts from this blog

Cisco AnyConnect Secure Mobility Client - VPN service not available. The VPN agent service is not responding

Sometime there may be a possibility that Cisco AnyConnect Secure Mobile Client can crash and service will be continuously crashing if you go and see it in services.msc. I faced this issue when my laptop was shutdown forcefully and below I listed the resolution I found..

Client Version: 3.1.04049

Resolution: Open the browser you have been using. From the options, delete the complete browsing data stored. 

Then I found that service was crashing but it gave me a couple of secs opportunity to enter my password to connect to my VPN. I entered my password quickly and then I was successfully able to connect to the VPN and didn't face this issue again. Stupid resolution but still it may be useful for few more people here..