rjordanbots
asked on
Turning off LDAP Anonymous Directory Access Permitted on Windows Server 2013 R2
How do you turn off LDAP anonymous on Windows Server 2013 R2 Domain Controller?
That is the default configuration. Anonymous access has to be explicitly granted, and usually there is no good reason to do so.
ASKER
Sorry, I meant Windows Server 2012 R2
Yeah. Since there is no 2013, I knew what you meant. Same answer.
ASKER
We had a security company come in and do a network assessment, this was one of the issues on the assessment that my boss wanted me to fix. I realize it is a default config. He did a ldapsearch to anonymously connect to the ldap service and pulled the Directory Information tree. I'm just not sure how to go about and turn this anonymous access off though. Or why do you say there isn't a good reason to do so? This is not for the DSE Root account.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks, Adam, this fixed the solution, appreciate it.