Disable Diffie-Hellman Ciphers on IIS

To disable Diffie-Hellman ciphers on IIS you need to modify this registry key.


From “Functions” you will need to remove all ciphers that contain “DH”. Once that is complete, restart the server and verify with sslscan that they are no longer being used.
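The verification step can be scripted. The following is an added example, not part of the original page: it reads sslscan output and lists every suite still marked as enabled whose name contains “DH”. The function names and the sample scan are constructed for illustration, and the column layout is assumed to match sslscan's usual cipher listing.

```shell
#!/bin/sh
# Added example: check sslscan output for enabled suites whose name
# contains "DH" (the removal criterion used on this page; note that it
# matches ECDHE suite names as well as DHE ones).

# Constructed sample of an sslscan cipher listing (not from a real host).
sample_scan() {
cat <<'EOF'
  Supported Server Cipher(s):
Preferred TLSv1.2  256 bits  ECDHE-RSA-AES256-GCM-SHA384   Curve P-256 DHE 256
Accepted  TLSv1.2  256 bits  DHE-RSA-AES256-GCM-SHA384     DHE 2048 bits
Accepted  TLSv1.2  256 bits  AES256-GCM-SHA384
Accepted  TLSv1.2  128 bits  AES128-SHA256
EOF
}

# Reads sslscan output on stdin and prints "<protocol> <suite>" for each
# enabled suite whose name contains "DH".
# Exit status: 0 if none were found, 1 if at least one is still enabled.
dh_suites_enabled() {
    awk -v esc="$(printf '\033')" '
        # Strip terminal colour codes so the columns split cleanly.
        { gsub(esc "\\[[0-9;]*m", "") }
        # Column 1 is the status, column 2 the protocol, column 5 the suite.
        ($1 == "Preferred" || $1 == "Accepted") && $5 ~ /DH/ {
            print $2, $5
            found = 1
        }
        END { exit found ? 1 : 0 }
    '
}

# Demo on the constructed sample. Against a live server, pipe the scan in
# instead: sslscan <host> | dh_suites_enabled
sample_scan | dh_suites_enabled || echo "DH suites are still enabled"
```

Because the function returns a non-zero status while any matching suite remains, it can gate a post-change check after the server restart.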

Another approach would be to use IIS Crypto. It is a GUI/CLI freeware program that will modify the registry keys for you.

