Forum Discussion

AadLutgert's avatar
AadLutgert
Brass Contributor
Sep 09, 2019
Solved

disable Multicast Name Resolution (LLMNR) with Intune

I'm looking for a way to disable Multicast Name Resolution (LLMNR) using Intune. I've checked the MDM Security baseline and all Device configuration policies, but was unable to find the setting. I ra...
Intune
mobile device management (mdm)
security
  • AadLutgert's avatar
    AadLutgert
    Feb 22, 2020

    Basher81 I haven't recieved an answer. The best way to do this is creating a powershell script to add the following registry setting:

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient]
    "EnableMulticast"=dword:00000000

     

    You can deploy this by either packaging with the win32 prep tool (application) or deploy it as a powershell script. 

     

    Hope this will help you.

nithilin's avatar
nithilin
Copper Contributor
Mar 17, 2025

Hi everyone finding this thread from google,

Intune has this setting in the Settings Catalog, so no need for the script anymore. 

New Configuration Profile - Win10 and later Settings Catalog, Administrative Templates\Network\DNS Client\
"Turn off multicast Name Resolution". 

As far as I can tell, its still a good recommendation to disable this in enterprise environments as the setting leaves you open to Man-In-The-Middle attacks. 

/Kevin

 

Resources