hello,
Information I'm finding regarding NtlmMinClientSec and NtlmMinServerSec settings all say they are for 'applications' that use NTLM SSP.. however they don't specifically say 'third party' applications, so are there builtin windows components/tools that would in fact be using NTLM SSP and therefore be affected by these settings?
Example of the reference information:
http://technet.microsoft.com/en-us/magazine/2006.08.securitywatch.aspx
"Hardening the NTLM SSP
The NtlmMinClientSec and NtlmMinServerSec settings, which are known as some variant of "Minimum session security for NTLM SSP based (including secure RPC) clients" in Group Policy, govern which behaviors are allowed for applications using the NTLM
Security Support Provider (SSP). The SSP Interface (SSPI) is used by applications that need authentication services.
The NtlmMinClientSec and NtlmMinServerSec settings do not modify how the authentication sequence works. Rather, they are used to require certain behaviors in applications that use the SSPI. Each setting contains a bitmask that can be used to require some combination
of up to four different types of behaviors, shown in Figure A.
The easiest way to differentiate between the NTLM SSP settings and LMCompatibilityLevel setting is by just considering the items they affect. The SSPI settings govern the behavior of applications that use authentication, while LMCompatibilityLevel governs which
authentication protocols the operating system can use."