Value: 5 : DC refuses LM and NTLM responses (accepts only NTLMv2)
Value: 4 : DC refuses LM responses
Value: 3 : Send NTLMv2 response only
Value: 2 : Send NTLM response only
Value: 1 : Use NTLMv2 session security if negotiated
Value: 0 : default - Send LM response and NTLM response; never use NTLMv2 session security
You MUST read KB Q147706 - How to Disable LM Authentication on Windows NT to understand compatibility issues. Its lists gotchas and implementation suggestions. SP4 added levels 3-5 and added considerable complexity. Also see Q175641 - LMCompatibilityLevel and Its Effects
For commercial networks, I suggest setting LMCompatibilityLevel to 1 on all NT workstations and servers. NTLMv2 will be used when possible and allow LANMAN compatibility for Win9x and Mac clients. In high-risk networks, set LMCompatibilityLevel to 5 - eliminiates Win9x and its weak authenication requirements.