Tools Links Login

Restricting Information Available to Anonymous Logon Users

Windows NT has a feature where anonymous logon users can list domain user names and enumerate share names. Customers who want enhanced security have requested the ability to optionally restrict this functionality.

  1. Run Registry Editor (regedit.exe).
  2. Go to the following key in the registry:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA
  3. On the Edit menu, click Add Value and use the following entry:
    Value Name: RestrictAnonymous Data Type: REG_DWORD Value: 1
  4. Exit the Registry Editor and restart the computer for the change to take effect. Note: It is only possible to control this operation after installing Windows NT 4.0 Service Pack 3 or the Windows NT 3.51 hotfix.

Key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA]
Value Name: RestrictAnonymous Data
Type: REG_DWORD
Data: (0=disabled, 1=enabled)

More Info: http://support.microsoft.com/support/kb/articles/q143/4/74.asp

About this post

Posted: 2007-05-03
By: FortyPoundHead
Viewed: 2,525 times

Categories

Windows

Attachments

No attachments for this post

Loading Comments ...

Comments

No comments have been added for this post.

You must be logged in to make a comment.