Audit SMB client SPN support
Supported on: At least Windows Server 2008 R2 or Windows 7
Registry
HKLM
Software\Policies\Microsoft\Windows\LanmanServer Value name: AuditClientSpnSupport
Enabled: AuditClientSpnSupport = 1
Disabled: AuditClientSpnSupport = 0
Description
This policy controls whether the SMB server audits the Service Principal Name (SPN) provided by SMB clients during authentication. If you enable this policy setting, the SMB server will log an event whenever an SMB client doesn't send SPN or sends an invalid SPN during authentication. This audit data can help identify clients that may be incompatible with SPN validation before enforcement is enabled on SMB server. If you disable or do not configure this policy setting, the SMB server will not log the event.