This page last changed on May 31, 2010 by jclark@atlassian.com.

It is useful to be able to find out which NTLM versions your SharePoint site is configured to use. This applies if you are using the IWA (NTLM only) configuration. See our guides for SharePoint 2007 and for SharePoint 2010.

You can find which NTLM version is used in your registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\LMCompatibilityLevel.

Once you have the registry open, determine the value data (0 - 5):

Level Group Policy Name Sends Accepts Prohibits Sending
0 Send LM and NTLM Responses LM, NTLM NTLMv2 Session Security is negotiated LM, NTLM, NTLMv2
NTLMv2 Session Security (on Windows 2000 below SRP1, Windows NT 4.0, and Windows 9x)
1 Send LM and NTLM---use NTLMv2 session security if negotiated LM, NTLM
NTLMv2 Session Security is negotiated
LM, NTLM, NTLMv2 NTLMv2
2 Send NTLM response only NTLM
NTLMv2 Session Security is negotiated
LM, NTLM, NTLMv2 LM and NTLMv2
3 Send NTLMv2 response only NTLMv2
Session Security is always used
LM, NTLM, NTLMv2 LM and NTLM
4 Send NTLMv2 response only/refuse LM NTLMv2 Session Security NTLM, NTLMv2 LM
5 Send NTLMv2 response only/refuse LM and NTLM NTLMv2, Session Security NTLMv2 LM and NTLM

Source Microsoft TechNet Magazine

More detailed discussion can be found here.

Document generated by Confluence on Feb 20, 2011 21:50