Hi, In running a routine security scan analysis of one of our exchange servers I got these warnings (see end of email). How do I disable "NULL BASE queries" and "NULL BIND" on the "LDAP Server" ? Usual searches did not turn up anything for me hence my post to this list. TIA and best regards Mike. Improperly configured LDAP servers will allow the directory BASE to be set to NULL. This allows information to be culled without any prior knowledge of the directory structure. Coupled with a NULL BIND, an anonymous user can query your LDAP server using a tool such as 'LdapMiner' Solution: Disable NULL BASE queries on your LDAP server Improperly configured LDAP servers will allow any user to connect to the server and query for information. Solution: Disable NULL BIND on your LDAP server