Re: Domain policy "Do not allow anonymous enumeration" not applying
- From: "Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx>
- Date: Wed, 29 Jul 2009 14:59:50 +0100
Hi
In the machine go to:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\NT\CurrentVersion\Winlogon
Criate an entry with:
Value: UserEnvDebugLevel
Value Type: REG_DWORD
Value Data: 10002 (hexadecimal)
Logoff and log back
The file is saved to
File is written to:
%SystemRoot%\Debug\UserMode\Userenv.log
Open the file and search for errors
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MVP Directory Services
"Pete" <Pete@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:B43D520F-1014-440A-AC98-D891F94C902B@xxxxxxxxxxxxxxxx
Hello All,
I running into this weird problem, the domain policy listed below is not
applying to few win2k workstation:
Do not allow anonymous enumeration of SAM accounts and shares=enabled
Do not allow anonymous enumeration of SAM accounts=enabled
I am using NBTenum 3.3 to check the anonymous binding. The other machines in
the network are not allowing anonymous binding so not sure what could be
causing few workstations to behave differently. I also checked the registry
on these workstation
HKLM\system\CurrentControlSet\Control\LSA\RestricAnonymous=1, I even this
entry to 2 and still have to bind anonymously.
Thanks in advance for reading this post...
.
- Follow-Ups:
- References:
- Prev by Date: Re: Migrating Child Domain with Exchange Server
- Next by Date: Re: USN - DNS - Failed PDC
- Previous by thread: Re: Domain policy "Do not allow anonymous enumeration" not applyin
- Next by thread: Re: Domain policy "Do not allow anonymous enumeration" not applyin
- Index(es):
Relevant Pages
|
