Domain member Digitally encrypt or sign secure channel data (always) GPO

NP 421 Reputation points
2023-05-14T23:44:25.19+00:00

we are a bit a behind the 8-ball with this. Trying to understand if i have this policy configured at the domain level or a specific policy for servers and for workstations? I can see it in the Default Domain Controller Policy but nowhere else.

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,465 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Daisy Zhou 20,471 Reputation points Microsoft Vendor
    2023-05-15T04:54:22.2766667+00:00

    Hello NP,

    Thank you for posting in our Q&A forum.

    For the GPO setting, you can see the Default value even though you did not set it on different machines.
    gpo

    https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always

    If you can not remember whether you have a specific policy for servers and for workstations.
    You can run gpresult /h on any server or workstation to see if you have configured it for the machine.

    Hope the information above is helpful. If you have any question or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.