2.2.4.6 Phase 1 and Phase 2 Auth Suite Methods

Keys: Software\Policies\...\Phase1AuthenticationSet\<wszSetId>\<SuiteIndex>, or Software\Policies\...\Phase2AuthenticationSet\<wszSetId>\<SuiteIndex>,

Value: "Method"

Type: REG_SZ.

Size: Equal to size of the Data field.

Data: a Unicode string that uses the following grammar rules to encode an authentication method.

 PHASE1-AUTH-METHOD-VAL = "Anonymous" / "MachineKerb" / "MachineCert" 
 PHASE1-AUTH-METHOD-VAL =/ "MachineSHKey" / "MachineNtlm"
  
 PHASE2-AUTH-METHOD-VAL = "Anonymous" / "MachineCert" / "UserKerb" 
 PHASE2-AUTH-METHOD-VAL =/ "UserCert" / "UserNtlm"

Anonymous - this token represents the FW_AUTH_METHOD_ANONYMOUS enumeration value as defined in [MS-FASP] section 2.2.60. The remaining tokens can be found in the same Protocol specification section.

MachineKerb - this token represents the FW_AUTH_METHOD_MACHINE_KERB enumeration value.

MachineCert - this token represents the FW_AUTH_METHOD_MACHINE_CERT enumeration value.

MachineSHKey - this token represents the FW_AUTH_METHOD_MACHINE_SHKEY enumeration value.

MachineNtlm - this token represents the FW_AUTH_METHOD_MACHINE_NTLM enumeration value.

UserKerb - this token represents the FW_AUTH_METHOD_USER_KERB enumeration value.

UserCert - this token represents the FW_AUTH_METHOD_USER_CERT enumeration value.

UserNtlm - this token represents the FW_AUTH_METHOD_USER_NTLM enumeration value.

This value represents the Method field of the FW_AUTH_SUITE structure as defined in [MS-FASP] section 2.2.63. If the value is read from a phase 1 key then the PHASE1-AUTH-METHOD-VAL grammar rule MUST be used. If the value is read from a phase 2 key then the PHASE2-AUTH-METHOD-VAL grammar rule MUST be used.