SCHANNEL ADM Template

Windows' SChannel is the "service" that handles all the secure internet communications, such as PCT, SSL, and TLS. For security reasons, you may want to disable the older secure communication protocols, such as SSL 2.0 or obsolete ciphers, such as 56-bit DES.

I created this Administrative Template for Group Policy to control these settings. Unfortunately, Microsoft did not store these settings in the "true policy" locations of the registry, so in the GPEDIT.MSC you need to click on Administrative Templates, then select View -> Filtering... Uncheck "Only show policy settings that can be fully managed." This will allow you to see the "preferences." (Policy settings that are not fully managed are called Preferences.) You can google for more information on the differences between policies and preferences.

This administrative template was designed for Windows Server 2003 R2 and older and Windows XP and older. It seems to work on newer Windows operating systems, but they are more secure by default, so it is probably not necessary.

For more information, see the blog posts below!

Blog Posts about SCHANNEL Administrative Template...
SCHANNEL.ADM Updated (Sept 27, 2010)
Administrative Template for Configuring SCHANNEL (Feb 9, 2006)


Download SCHANNEL Administrative Template...
SCHANNEL.ADM (Zipped)