The Pigstye

Tom Willett's Playground

Here you will find my collected notes, code and musings.

• Home
• Computer Forensics >>
• Notes
• PowerShell Scripts
• Remediation
• Documentation
• SysAdmin
• Code

Disable anonymous enumeration of Users and Shares

Except under unusual circumstances an anonymous user has no need to enumerate Users and Shares of an Active Directory Domain. To restrict this ability through Group Policy , go to

Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options

The setting security policy setting

Network access: Do not allow anonymous enumeration of SAM accounts and shares

Controls this behavior.

https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares

This Website made with hand crafted html and css.

Everything here is released under the No License.