Windows – How to change Local Security Policy with Win 8 Home using registry

ntlmwindows 8.1windows-registry

Hi I have attached a USB external Drive to my new TG582n Router. Fantastic, no messing every Computer and devices with access to the network can now use the drive.

All but My Windows 8.1 desktop. It see's the drive on the network, but refuses to open it saying to check my spelling. If I diagnose to error It tells me that the remote device or resources won't except connection.

I had a quick look around and the answer seems to be.

Control Panel – Administrative Tools – Local Security Policy

Local Policies – Security Options

Network security: LAN Manager authentication level
Set to Send LM & NTLM responses only

Set the Minimum session security for NTLM SSP
Disable Require 128-bit encryption.

All well and good, but I have Windows 8.1 home, so no Local Security Policy.

I'm convinced that Local Security Policy is just a nice front end to changing Registry Values.

So another quick look and I found this
Windows 8 security policy "LAN Manager Authentication Level"

So that's the first bit sorted.

Has anybody got an idea about Disabling 128-bit encryption via registry?

Or am I just barking up the wrong tree?

Best Answer

To fully disable 128 bit go here.

HKLM\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0

change

NtlmMinClientSec=0x00000000

There are intermediary settings (less than 128bit, but not fully disabled) discussed here.

http://www.ultimatewindowssecurity.com/wiki/WindowsSecuritySettings/Network-security-Minimum-session-security-for-NTLM-SSP-based-including-secure-RPC-clients