Disable anonymous enumeration of Users and Shares
Except under unusual circumstances an anonymous user has no need to enumerate Users and Shares of an Active Directory Domain. To restrict this ability through Group Policy , go to
Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options
The setting security policy setting
Network access: Do not allow anonymous enumeration of SAM accounts and shares
Controls this behavior.