To use the local security settings to force Windows Server 2008, Windows Server 2003, Windows 7, Windows Vista, Windows XP and 2000 to use NTLMv2:
- Open the Local Security Policy console, using one of the following methods:
The Local Security Policy console will appear.
- From the Control Panel, through Administrative Tools:
- From the
Start
menu, select Control Panel
(Windows XP default view) or Settings
and then Control Panel
(Windows 2000 or 2003, or Windows XP Classic View).
- Double-click
Administrative Tools
, and then Local Security Policy
.
- Through the
Run
dialog box:
- From the
Start
menu, select Run...
.
- In the
Open...
field, enter: secpol.msc
- Click
OK
.
- Find "Network Security: LAN Manager authentication level", which is located in Security Settings, Local Policies, Security Options.
- Set the LAN Manager authentication level to
NTLMv2 response only/refuse LM and NTLM
.
Note: Windows 7 and Vista default to using NTLMv2 authentication.
To configure domain default NTLM policies of servers joining Windows domain, on Windows Server 2008 or Server 2003:
- Open 'Domain Security Policy' in Administrative Tools of Control Panel
- Find "Network Security: LAN Manager authentication level", which is located in Security Settings, Local Policies, Security Options.
- Set the LAN Manager authentication level to
NTLMv2 response only/refuse LM and NTLM
.
More more details, please refer to http://technet.microsoft.com/en-us/library/cc738867(v=ws.10).aspx