allow dcerpc auth level connect

This option controls whether DCERPC services are allowed to be used with DCERPC_AUTH_LEVEL_CONNECT, which provides authentication, but no per message integrity nor privacy protection.
Some interfaces like samr, lsarpc and netlogon have a hard-coded default of no and epmapper, mgmt and rpcecho have a hard-coded default of yes.
The behavior can be overwritten per interface name (e.g. lsarpc, netlogon, samr, srvsvc, winreg, wkssvc ...) by using 'allow dcerpc auth level connect:interface = yes' as option.
This option yields precedence to the implementation specific restrictions. E.g. the drsuapi and backupkey protocols require DCERPC_AUTH_LEVEL_PRIVACY. The dnsserver protocol requires DCERPC_AUTH_LEVEL_INTEGRITY.

Example: yes

Supported on: At least Microsoft Windows 7 or Windows Server 2008 family

allow dcerpc auth level connect
Registry PathSoftware\Policies\Samba\smb_conf\allow dcerpc auth level connect
Value Nameallow dcerpc auth level connect
Default Value0
True Value1
False Value0


Administrative Templates (Computers)