(MAC) Digital signing settings which assist with the addition of Apple Mac Clients to your Network
View products that this article applies to.
Author:Nick Whittome MVP
Community Solutions Content Disclaimer
Article ID : 555652
Last Review : June 30, 2006
Revision : 1.0
SUMMARY
The following Group Policy security settings are recommended for Apple Mac Client connectivity to your Small Business Network.
Back to the top Back to the top
SYMPTOMS
Without the following settings, Apple Macintosh clients may not be able to connect to your server.
Back to the top Back to the top
RESOLUTION
Edit the Default Domain Controllers Policy and set the following:
Domain Member: Digitally encrypt sign secure channel data (always): Disabled
Domain Member: Digitally encrypt secure channel data (when possible): Enabled
Domain Member: Digitally sign secure channel data (when possible): Enabled
Microsoft Network Server: Digitally sign communications (always): Disabled
Microsoft Network Server: Digitally sign communications (when possible): Enabled
Microsoft Network Client: Digitally Sign communications (Always): Disabled.
Microsoft Network Client: Digitally sign communications (if server agrees): Enabled
Network Security: LAN Manager authentication level: Send LM & NTLM responses
*I set the “Network Security” policy to “NTLMv2 only – refuse LM & NTLMv1” on a few servers that were running ExtremeZ with Kerberos enabled and/or the MS NTLM v2 module update with no problems from my Tiger systems.
Recent Comments