Registry key controlling Directory Services Restore Mode (DSRM) logon behavior. Threat actors may modify this to allow network logons using the DSRM account for persistence.