Daryl Weitz
Analyst/Developer
University Advancement
University of Denver
303.871.2507
www.du.edu/give2du

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Arden Pineda
Sent: Wednesday, March 03, 2004 12:31 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Prevent Windows 9x from logging into AD


As long as your Win9x clients do not have the Active Directory Client
Extensions loaded, these clients will not be able to do NTLM v2
authentication.  So, you need to disable LM/NTLM support using Group Policy,
local or nonlocal,

Computer Configuration\Windows Settings\Security settings\Security Options

        LAN Manager Authentication Level = Send NTLM v2 response only\refuse LM & NTLM

or by editing the registry for NT4SP4 or higher

HKLM\System\CurrentControlSet\Control\LSA
        LMCompatibilityLevel:REG_DWORD = 5

Hope this helps.

Regards,
arden
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of
> Narkinsky, Brian
> Sent: Wednesday, March 03, 2004 11:20 AM
> To: [EMAIL PROTECTED]
> Subject: [ActiveDir] Prevent Windows 9x from logging into AD
>
> Is there any way to keep users from authenticating from a
> standard Windows 9x machine?
>
> I am trying to kill the last few of these guys on our network
> and I thought there was some sort of NTLM registry setting I
> could set such that only NT clients could authenticate.
>
> Brian
>
> Brian Narkinsky
> System Manager
> Department of Environmental Protection
> MS 6520
> 2600 Blairstone RD
> Tallahassee, FL 32399
> phone (850)245-8314
> fax (850)412-0400
>
> List info   : http://www.activedir.org/mail_list.htm
> List FAQ    : http://www.activedir.org/list_faq.htm
> List archive:
> http://www.mail-archive.com/activedir%40mail.activedir.org/
>
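
An added example, not part of the original messages: a PowerShell check of the registry value named above, using the documented meaning of the levels (0 to 3 only change what a machine sends as a client; 4 and 5 change what it accepts). The function names, host names and sample inventory are constructed for illustration.

```powershell
# Registry location and value name as given in the message above.
$LsaKey    = 'HKLM:\System\CurrentControlSet\Control\LSA'
$ValueName = 'LMCompatibilityLevel'

function Get-LmCompatibilityLevel {
    # Returns the configured level on the local machine, or $null when the
    # value is absent (the operating system default then applies).
    $p = Get-ItemProperty -Path $LsaKey -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $p) { return $null }
    return [int]$p.$ValueName
}

function Test-RefusesLegacyNtlm {
    # Hypothetical helper: maps a level to what the machine refuses to accept.
    param([Nullable[int]]$Level)
    [pscustomobject]@{
        Level       = if ($null -eq $Level) { 'not set' } else { $Level }
        RefusesLM   = ($null -ne $Level -and $Level -ge 4)   # level 4 and up
        RefusesNTLM = ($null -ne $Level -and $Level -ge 5)   # level 5 only
    }
}

# Constructed sample inventory (hypothetical host names). In practice each
# value comes from running Get-LmCompatibilityLevel on that domain controller.
$sample = @(
    @{ Name = 'DC01'; Level = 5 },
    @{ Name = 'DC02'; Level = 3 },      # sends NTLMv2 only, but still accepts LM/NTLM
    @{ Name = 'DC03'; Level = $null }   # value never set
)

foreach ($dc in $sample) {
    $r = Test-RefusesLegacyNtlm -Level $dc.Level
    $verdict = if ($r.RefusesLM -and $r.RefusesNTLM) { 'OK' } else { 'STILL ACCEPTS LEGACY AUTH' }
    '{0}: level={1} refusesLM={2} refusesNTLM={3} -> {4}' -f `
        $dc.Name, $r.Level, $r.RefusesLM, $r.RefusesNTLM, $verdict
}

# Local machine check:
# Test-RefusesLegacyNtlm -Level (Get-LmCompatibilityLevel)
```

Any domain controller reported as still accepting legacy authentication can continue to validate LM or NTLM responses, so the check is only meaningful when run against every DC in the domain.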
