Restricting anonymous LDAP enumeration Windows 2000
From: JC (chanj_at_covad.net)
Date: Thu, 9 Sep 2004 00:05:32 -0400
Is there a way to restrict anonymous LDAP enumerations within a Windows 2000
mixed mode Active Directory environment? We ran a security scan and this
topic came up as a security risk so I am trying to restrict anonymous users
access to LDAP information.
Also, should everyone have read access permissions settings to the default
domain (mydomain.com) in Active directory Users and computers? I am not
sure if everyone should have read access. Please advise. Thanks.