Avatar of jackbenson
Flag for United Kingdom of Great Britain and Northern Ireland

asked on 

should i configure: Network security: LAN Manager authentication level


I run a small company domain.

these are the operating systems I run:

2008 R2
2012 R2

Windows 7
Windows 10

IP Devices connected to the network:

IP Camera's (AXIS)
Audiocodes Gateway
Polycom VVX IP Phones
Snom IP Phones
Synology iSCSI Storage Array
Digi Anywhere USB/2

the reason I am asking is that I see the following Event when my servers boot:

EVENT 6038 LSA (LsaSrv)
Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and this server. This event occurs once per boot of the server on the first time a client uses NTLM with this server.
NTLM is a weaker authentication mechanism. Please check:
      Which applications are using NTLM authentication?
      Are there configuration issues preventing the use of stronger authentication such as Kerberos authentication?
      If NTLM must be supported, is Extended Protection configured?

From what I have read the most secure setting will be: Level 5 - Send NTLMv2 response only. Refuse LM & NTLM

I am worried this will cause problems with network access.

What is the best practice?

Many Thanks

Windows Server 2012NetworkingMicrosoft Server OS

Avatar of undefined
Last Comment

8/22/2022 - Mon