Hi fellas,
We had a network access issue which was resolved by changing two local policies on clients which exhibited the problem. They are below:
Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options > Microsoft network client: Digitally sign communications (always): Disabled
Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options > Network Security: LAN Manager authentication level: Send LM & NTLM – use NTLMv2 sessions security if negotiated.
I made the changes on the reference VM and captured it using a normal sysprep and capture TS. The settings are set back to their defaults when I deploy the image, which produces the networking problem aforementioned. So I can see two possible workarounds:
1. Write a script to change the policies and insert it into the task sequence. If I do this, I have no idea of the syntax. I did see in the standard task sequence an entry for "Apply Local GPO Package" which references ZTIApplyGPOPack.wsf.
2. See if there's a way using DISM or another tool to make the GP change to the offline image. Is that even possible? Furthermore, I can't know for certain if the changes were in fact captured, but revert somehow during the deployment process.
Thanks