Forum Discussion
disable Multicast Name Resolution (LLMNR) with Intune
Basher81 I haven't recieved an answer. The best way to do this is creating a powershell script to add the following registry setting:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient]
"EnableMulticast"=dword:00000000You can deploy this by either packaging with the win32 prep tool (application) or deploy it as a powershell script.
Hope this will help you.
AadLutgert 🤞 maby you can help us out. So i was able to create the reg key EnableMulticast, but when looking at the Gpedit.msc, i still see the Multicast setting ' not configured'.
Maby is the heat 😅 or i'm missing something. Goal in the end, would be to disable LLMNR and Netbios using Intune.
Kind regards, Martijn
Hi Martijn,
I'm seeing the same behaviour in the GPedit setting, but when I'm testing it using Kali Linux as described in this article https://www.4armed.com/blog/llmnr-nbtns-poisoning-using-responder/ it does seem to work.
best regards,
Aad Lutgert
There is also a new policy setting available In the latest Windows 10 Insider Preview Build named:
ADMX_DnsClient/Turn_Off_Multicast
Using this policy setting LLMNR can be disabled on client computers. more info can be found here:
https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-admx-dnsclient
- Thank you!
