Weak LAN Manager hashing permitted

I am getting this other ding on my security report.
I am not sure if it is a domino issue or if it is because of something
that is not 'bind specific' to a particular IP address but is creeping
over to include the IP address of my Domino servers on this lpar of IBM i.
Details. This lpar of IBM i has multiple IP addresses assigned to it. One
generally reserved for "IBM i" stuff and a few others for various Domino
servers on this lpar. So far we have only told the security scan a few
initial IP addresses to check internal to our corporation. One of them
being one of the Domino servers on this lpar. My first step is to
determine if this is a Domino issue or is it just picking on the Domino IP
address when it's really a IBM i issue that didn't bind to any particular
IP address.

Here is the ding:
3.2. Severe Vulnerabilities
3.2.2. Weak LAN Manager hashing permitted (cifs-generic-0005)
Description:
This system allows remote users to authenticate using the LAN Manager (LM)

password hashing mechanism. The LM hash can easily be cracked by a user
eaves-dropping on the network. Microsoft provides a more secure
authentication method called NTLMv2 that should always be used instead of
LM. NTLMv2 is available in Windows NT 4.0 SP4 and later (including Windows

2000, Windows XP, and Windows 2003). For more information, see MSKB
article Q147706.

Affected Nodes: Additional Information:
xx.xx.xx.xx Server did not return extended security data.
where xx.xx.xx.xx is the IP address of the Domino server on this lpar of
IBM i.

Domino or IBM i bind non specific issue?

If IBM i bind non specific issue I suspect the resolution will be to
upgrade our QPWDLVL from 0. We're planning on going to 2 shortly anyway.
Already increased it to 2 on one sandbox lpar.


Rob Berendt