Disable anonymous enumeration of Users and Shares

Except under unusual circumstances an anonymous user has no need to enumerate Users and Shares of an Active Directory Domain. To restrict this ability through Group Policy , go to

Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options

The setting security policy setting

Network access: Do not allow anonymous enumeration of SAM accounts and shares

Controls this behavior.