Event details
12 Comments
When can we expect CSP or settings catalog Policies in Intune to elmininate NTLM and other active directory hardening? It's really frustrating to write scripts for all registry keys and it's more prone to error.
- Steve_Syfuhs
Microsoft
Existing NTLM disable sent policies are already available in GP and Intune. Can you clarify what more you're expecting to see?
Any chance this will be back ported to at least Windows Server 2022? I mean it's still supported for another five years at least.
- Steve_Syfuhs
No plan to backport to 2022 but if the demand is there that justifies the cost of doing so we would certainly consider it.
- Heather_Poulsen
Community Manager
Thanks for joining today’s session on “Eliminating NTLM in Windows” at Microsoft Technical Takeoff. Q&A will remain open through Friday so keep your comments and questions coming! Up next: One platform, many industries: smart Android management with Intune.
- Heather_Poulsen
Welcome to “Eliminating NTLM in Windows” at Microsoft Technical Takeoff. Q&A is open now and throughout the week. Please post any questions or feedback here in the Comments. [Note: If your organization’s policies prevent you from seeing the video on this page, you can also tune in on LinkedIn.]
Is it NTLMv1 that will be deprecated later this year or NTLMv2 also? It's not quite clear.
- Heather_Poulsen
AWTG - (From Steve_Syfuhs) - NTLMv1 has already been deprecated for more than a decade. It was deprecated when we introduced Credential Guard in Windows 10. As such, we're talking NTLMv2.
Hi, we have seen recommendations about eliminating NTLM in hardening NTLM, but having issues with Defender for Endpoint were it's not checking the correct keys to remediate this issue. Is this issue known within the Defender experts?
- Heather_Poulsen
Henk_-_Simac_IT_NL - (From Steve_Syfuhs) We're not aware of whether the Defender folks are aware of this, but we'll reach out to them to confirm and get a fix if necessary.
