 Digitally encrypt or sign secure channel data
| Operating System |
windows Xp /2003 |
| Category |
Security |
This tweak determines whether all secure channel traffic initiated by the domain member must be signed or encrypted.
When a computer joins a domain, a computer account is created. After that, when the system starts, it uses the computer account password to create a secure channel with a domain controller for its domain. This secure channel is used to perform operations such as NTLM pass through authentication, LSA SID\Name Lookup etc.
This tweak determines whether or not all secure channel traffic initiated by the domain member meets minimum security requirements. Specifically it determines whether all secure channel traffic initiated by the domain member must be signed or encrypted. If this policy is enabled, then the secure channel will not be established unless either signing or encryption of all secure channel traffic is negotiated
 Operating System Windows 2000 / XP / 2003
- Open your registry
- Go to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters
- create or modify if exists dword value called "requiresignorseal"
- Set value as 0 to disable this tweak Or 1 to enable this tweak
- restart windows for setting to take effect.
Back |
Awards