SOLVED

disable Multicast Name Resolution (LLMNR) with Intune

Brass Contributor

I'm looking for a way to disable Multicast Name Resolution (LLMNR) using Intune. I've checked the MDM Security baseline and all Device configuration policies, but was unable to find the setting. I would rather not use PowerShell to deploy a registry setting, but I do not know another option.

 

Is there anyone who knows how to disable Multicast Name Resolution? 

 

Thanks in advance

 

 

8 Replies

@Aad Lutgert Hi, as there is a GPO "Turn Off Multicast Name Resolution", you could use an ADMX-backed policy by importing the ADMX file and then deploying it as a configuration policy.

https://techcommunity.microsoft.com/t5/Intune-Customer-Success/Support-Tip-Ingesting-Office-ADMX-Bac...

That is what I would have tried.

Regards,
Jörgen

@Jörgen Nilsson 

 

Thanks for your suggestion. I've thought about this option, but ingestion is not allowed for the key location used by this setting. The location used is:

 

software\policies\microsoft\windows NT\DNS client

 

And it's not possible to ingest policies for the following key locations:

 

System

Software\Windows

Software\Policies\Microsoft 

 

And there isn't an exception for the key "windows nt" in the exception list. 

 

Please let me know if this isn't correct.

 

@Aad Lutgert Did you ever figure this out? I am running into the same thing now.

best response confirmed by Aad Lutgert (Brass Contributor)
Solution

@Basher81 I haven't received an answer. The best way to do this is creating a PowerShell script to add the following registry setting:

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient]
"EnableMulticast"=dword:00000000

 

You can deploy this either by packaging it with the Win32 prep tool (application) or by deploying it as a PowerShell script.

 

Hope this will help you.
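An added example (not part of the original thread) of the script the accepted answer describes, written in the detection-plus-remediation shape Intune scripts normally use. The registry path and the `EnableMulticast` DWORD are the ones given above; the function names and exit-code convention are this example's own choices. It assumes the script runs in the device (SYSTEM) context, since writing under HKLM requires it. Note that after the value is written, gpedit.msc will still show the setting as "not configured": the local policy editor reflects the local registry.pol file, not the raw registry key, so the registry value itself (or a behavioural test like the Responder check mentioned later in the thread) is the thing to verify.

```powershell
# Added example: detect and remediate the EnableMulticast (LLMNR) policy value.
# Path and value come from the accepted answer; everything else is this example's assumption.
$RegPath  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient'
$RegName  = 'EnableMulticast'
$Expected = 0   # 0 = LLMNR disabled

function Test-LlmnrDisabled {
    # Returns $true only when the policy value exists and equals 0.
    $item = Get-ItemProperty -Path $RegPath -Name $RegName -ErrorAction SilentlyContinue
    return ($null -ne $item -and $item.$RegName -eq $Expected)
}

function Disable-Llmnr {
    # Creates the policy key if it is missing and writes the DWORD,
    # equivalent to importing the .reg fragment in the answer above.
    if (-not (Test-Path -Path $RegPath)) {
        New-Item -Path $RegPath -Force | Out-Null
    }
    New-ItemProperty -Path $RegPath -Name $RegName -Value $Expected `
        -PropertyType DWord -Force | Out-Null
}

# Main flow: report compliance, remediate if needed, and re-check.
if (Test-LlmnrDisabled) {
    Write-Output "LLMNR already disabled: $RegPath\$RegName = $Expected"
    exit 0
}

Disable-Llmnr

if (Test-LlmnrDisabled) {
    Write-Output "LLMNR disabled: wrote $RegPath\$RegName = $Expected"
    exit 0
}

Write-Output "Remediation failed: could not write $RegPath\$RegName"
exit 1
```

When used as an Intune PowerShell script, the whole file is deployed as-is and the exit code is reported in the script status; when used as a Win32 app, the same `Test-LlmnrDisabled` logic can serve as the detection rule (registry value `EnableMulticast` equals 0 under that key).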

@Aad Lutgert :crossed_fingers: maybe you can help us out. So I was able to create the reg key EnableMulticast, but when looking at gpedit.msc, I still see the Multicast setting as 'not configured'.
Maybe it's the heat :grinning_face_with_sweat: or I'm missing something. The goal in the end would be to disable LLMNR and NetBIOS using Intune.

Kind regards, Martijn

@Martijn Steffens 

 

Hi Martijn,

 

I'm seeing the same behaviour in the gpedit setting, but when I test it using Kali Linux as described in this article, LLMNR and NBT-NS Poisoning Using Responder | 4ARMED, it does seem to work.

 

best regards,

 

Aad Lutgert

There is also a new policy setting available in the latest Windows 10 Insider Preview Build, named:

 

ADMX_DnsClient/Turn_Off_Multicast

 

Using this policy setting, LLMNR can be disabled on client computers. More info can be found here:

https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-admx-dnsclient

 

 
