en-US

Audit SMB client SPN support

Supported on: At least Windows Server 2008 R2 or Windows 7

Registry

HKLM Software\Policies\Microsoft\Windows\LanmanServer

Value name: AuditClientSpnSupport

Enabled: AuditClientSpnSupport = 1

Disabled: AuditClientSpnSupport = 0

Description

This policy controls whether the SMB server audits the Service Principal Name (SPN) provided by SMB clients during authentication. If you enable this policy setting, the SMB server will log an event whenever an SMB client doesn't send SPN or sends an invalid SPN during authentication. This audit data can help identify clients that may be incompatible with SPN validation before enforcement is enabled on SMB server. If you disable or do not configure this policy setting, the SMB server will not log the event.