有關Windows 7 出現NTLM相關問題的Solution
今日再次遇到Win7 連上內部系統時出現NTLM 的問題。
雖然看見的徵狀和早前遇到的情況不同,但可以用相同的方法,透過利用Regedit修改Windows Registry (登錄檔)去解決。
在本機安全性原則(secpol.msc)修改Lan Manager 驗證等級亦可。
其實主要改動在於LmCompatibilityLevel 的value。最適當的值要視乎你的工作環境。
以下網址是TechNet上的資料:
|
Value
|
Meaning
|
|---|---|
|
0
|
Clients use LM and NTLM authentication, but they never use NTLMv2 session security. Domain controllers accept LM, NTLM, and NTLMv2 authentication.
|
|
1
|
Clients use LM and NTLM authentication, and they use NTLMv2 session security if the server supports it. Domain controllers accept LM, NTLM, and NTLMv2 authentication.
|
|
2
|
Clients use only NTLM authentication, and they use NTLMv2 session security if the server supports it. Domain controller accepts LM, NTLM, and NTLMv2 authentication.
|
|
3
|
Clients use only NTLMv2 authentication, and they use NTLMv2 session security if the server supports it. Domain controllers accept LM, NTLM, and NTLMv2 authentication.
|
|
4
|
Clients use only NTLMv2 authentication, and they use NTLMv2 session security if the server supports it. Domain controller refuses LM authentication responses, but it accepts NTLM and NTLMv2.
|
|
5
|
Clients use only NTLMv2 authentication, and they use NTLMv2 session security if the server supports it. Domain controller refuses LM and NTLM authentication responses, but it accepts NTLMv2.
|
ref: http://technet.microsoft.com/en-us/library/cc960646.aspx
方法請參考: