RE: Restricting anonymous LDAP enumeration Windows 2000
From: Marc Hotescheck (MarcHotescheck_at_discussions.microsoft.com)
Date: 09/10/04
- Next message: Trent: "Finding what computer(s) a user account is logged into"
- Previous message: John Sherwin: "XP machines lockout user accounts when security log is full."
- In reply to: JC: "Restricting anonymous LDAP enumeration Windows 2000"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 10 Sep 2004 08:39:04 -0700
Hello JC,
here are two links on sides, which perhaps answer your questions
http://www.washington.edu/computing/support/windows/UWdomains/w2kservsecchecklist.html
or
Marc
"JC" wrote:
> Hello,
>
> Is there a way to restrict anonymous LDAP enumerations within a Windows 2000
> mixed mode Active Directory environment? We ran a security scan and this
> topic came up as a security risk so I am trying to restrict anonymous users
> access to LDAP information.
>
> Also, should everyone have read access permissions settings to the default
> domain (mydomain.com) in Active directory Users and computers? I am not
> sure if everyone should have read access. Please advise. Thanks.
>
>
> JC
>
>
>
- Next message: Trent: "Finding what computer(s) a user account is logged into"
- Previous message: John Sherwin: "XP machines lockout user accounts when security log is full."
- In reply to: JC: "Restricting anonymous LDAP enumeration Windows 2000"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
