I have an internal security audit coming up. I'm wondering what you would recommend to disable the auditor from pulling the SAM accounts from the PC, Laptops, and Servers?
Are there any drawback? I don't want to cause the end-users or servers to be a problem.
All my servers are 2003-2012R2
Clients are Windows 7
This is what I was thinking in GPO:
Network access: Do not allow anonymous enumeration of SAM accounts and shares