...
The key that needs to be changed is: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Deepnet Security\Windows Logon
All that is required needed is to add an extra D-WORD DWORD value called called MFAforNDM with the value of 1;
...
This change can be deployed through GPO: https://www.techcrafters.com/portal/en/kb/articles/how-to-add-edit-deploy-and-import-registry-keys-through-gpo#How_to_Add_Edit_a_Registry_Key_via_Group_Policy_Objects
You will also need The second step required is to access the DualShield Administration Console to and modify the the UAC settings found within the Computer Logon Client policy. Although strictly speaking UAC does not protect network drive mappings nor are you using Computer Logon software, however, some of the features in this policy do apply to the behavior of Windows Logon, therefore UAC authentication must be set to Multi-Factor Authentication for this to work..
...
You will most likely need to restart the client PC for these changes this change to take affecteffect.