Restrct Anonymous Logon
Posted on 2004-09-11
I have a 2003 box that I noticed in event viewer was allowing Anonymous connections Event id 538 and 540.
I don't like anonymous logons and there is no reason that users should need to access this particular server anonymously.
Researching this I found the following settings in GP were supposed to prevent Anonymous connections.
Local computer policy
comp config/windows settings/security settings/local policies/security options
allow anonymous sid/name translation = dissabled
do not allow anonymous enumeration of sam accounts = enabled
do not allow anonymous enumeration of sam accounts and shares = enabled
let everyone permissions apply to anonymous users = dissabled
restrict anonymous access to named pipes and shares = enabled
shares that can be accessed anonymously = blank
Anonymous logons are still happening, even worse it is happening from computers outside of my Domain.
My main goal is to prevent all anonymous access to this machine.
I'm sure that I am not alone in my concern with anonymous logons or this particular problem.
Any help you can provide will be appreciated.