[THIN] Re: Question on RemoteAnonymous
- From: Anthony_Baldwin@xxxxxxxxx
- To: thin@xxxxxxxxxxxxx
- Date: Fri, 13 Jul 2007 09:28:43 -0400
Andrew,
According to
http://technet2.microsoft.com/windowsserver/en/library/6361e9c2-73ad-49c3-a012-6d09cebd31611033.mspx?mfr=true
The restrictanonymous = 2 setting is not supported in 2003.
And you should use the EveryoneIncludesAnonymous setting to control
anonymous access to 'other securable objects'.
Tony
"Andrew Wood" <andrew.wood@xxxxxxxxxxxxxxxx>
Sent by: thin-bounce@xxxxxxxxxxxxx
07/12/2007 11:33 AM
Please respond to
thin@xxxxxxxxxxxxx
To
<thin@xxxxxxxxxxxxx>
cc
Subject
[THIN] Re: Question on RemoteAnonymous
Of course, that should all have said ?restrictanonymous? ? but you get
the jist
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Andrew Wood
Sent: 12 July 2007 16:30
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Question on RemoteAnonymous
Hi,
I?ve been tasked with disable Null Netbios sessions, not a particular
problem, set HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa to
dword 2
However, while this *was* possible as a Group Policy in W2k, in W2k3 we
have
Computer Configuration==>Windows Settings==>Security Settings==>Local
Policies==>Security Options
Network access: Do not allow anonymous enumeration of SAM accounts and
shares
Possible settings for this policy are only.. Enabled and Disabed
This policy also corresponds to the registry entry,
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa = 1 or 0.
:?
So..
Is it that I have to mess about creating a new policy template, or has
someone got one already?
Tia.
Andrew
Gilwood CS Ltd
Registered Office : 197 Leechmere Road, Sunderland, UK, SR2 9DL. No.
6099397 England
Other related posts:
