RequireStrongKey
HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
Data type |
Range |
Default value |
|---|---|---|
REG_DWORD |
0 | 1 |
0 |
Description
Determines whether the system requires that all secure channel keys be computed using a strong key. If it does, the trusted domain controller on the other side of the channel must be able to compute strong keys. For public, non-exportable keys, a strong key is one that is 128 bytes or longer.
All secure channels have keys. The keys are used for authentication, signing, or encryption, depending on the capability and requirements of the systems.
Value |
Meaning |
|---|---|
0 |
The system does not require that the trusted domain controller be able to compute a strong key. |
1 |
The system requires that the trusted domain controller be able to compute a strong key. If the domain controller on the other side of the channel does not support strong key encryption, this system refuses to establish a channel. |
.gif)
Note
This entry should be set to 1 only when all of the trusted domains are able to compute strong keys.
Windows 2000 does not add this entry to the registry. You can add it by editing the registry or by using a program that edits the registry.
Related Entries
.gif)