I'm gearing up for a security audit and one thing I'd like to try is removing the lm hash file from my machines. It looks like a simple GP change:
I'm just curious how exactly this should work. From what I've read the LM hash is stored in the c:\windows\system32\config
folder in a SAM file. Once I create the new policy should that file be gone from the machine? I need a way to confirm that its doing what I think it should be doing.