How to Enable Audit SMB Servers Lacking Encryption Support using Intune

The "Audit Server Does Not Support Encryption" policy in Microsoft Intune is designed to help IT administrators identify legacy or vulnerable SMB servers that lack encryption support. When enabled, this policy logs events on Windows client machines whenever they connect to an unencrypted SMB server, providing visibility into insecure connections.

This proactive auditing allows organizations to assess risks and prioritize remediation before enforcing mandatory encryption across their network, thereby enhancing data protection during file sharing. To configure the policy, admins use the Intune Admin Center to create a new configuration profile targeting Windows 10 and later.

They select the relevant setting under the Lanman Workstation category, enable the audit feature, and assign it to specific device groups. Once deployed, the policy’s success can be monitored via Intune’s status dashboard and validated on client machines through Event Viewer logs.

Admins can also manage scope tags, remove group assignments, or delete the policy entirely if needed. The policy is supported on Windows 11 version 24H2 and later, with registry details provided for advanced configuration.

[New Post] 🎯How to Enable Audit SMB Servers Lacking Encryption Support using Intune

🔥Enable Audit SMB Servers Lacking Encryption

🔥Real Word Example of Audit SMB Servers Policy

🔥Helps to Enforce High Security Standards

🔥Identification of Vulnerable or Legacy Servers

🔥How this Policy Helps Admins

🔥Client-Side Behavior

🔐 Purpose of the Policy

• Policy Name: Audit Server Does Not Support Encryption
• Function: Enables auditing when a Windows SMB client connects to a server that doesn’t support encryption.
• Security Goal: Identifies legacy or vulnerable servers before enforcing mandatory encryption.

🛠️ Configuration Steps in Intune

Sign in to Intune Admin Center

• Navigate to: Devices > Configuration > +Create > +New Policy

Choose Platform and Profile

• Platform: Windows 10 and later
• Profile Type: Settings catalog

Basic Details

• Provide a name (mandatory) and description (optional) for the policy.

Add Settings

• Category: Lanman Workstation
• Setting: Audit Server Does Not Support Encryption

Enable the Policy

• Default is Disabled; switch to Enabled to activate auditing.

Scope Tags and Group Assignment

• Optional: Add scope tags.
• Assign to specific groups via the Assignment tab.

Review and Create

• Verify all settings before clicking Create.

This is the new post published in HTMD Community AnoopCNair.com website and this is related to How to Enable Audit SMB Servers Lacking Encryption Support using Intune.

Read Full Article - https://www.anoopcnair.com/audit-smb-servers-lacking-encryption-intune/

#Intune #MSIntune #HTMDCommunity