R
rbs74
Our group policy is configured so that the Everyone group does not include
the anonymous logon group. One of the side effects of this is that if a
user tries to log on and they are supposed to change their password, they
cannot.
We had orginally made the change because we were having mass lockouts from
anonymous users trying to brute force admin accounts.
We are debating giving explicit permissions to anonymous login for the
"access this computer from the network". If we still have the "Do not
allow anonymous enumeration of SAM accounts" and "do not allow
anonymous/SID translation" options enabled, will this change pose a
serious security threat?
the anonymous logon group. One of the side effects of this is that if a
user tries to log on and they are supposed to change their password, they
cannot.
We had orginally made the change because we were having mass lockouts from
anonymous users trying to brute force admin accounts.
We are debating giving explicit permissions to anonymous login for the
"access this computer from the network". If we still have the "Do not
allow anonymous enumeration of SAM accounts" and "do not allow
anonymous/SID translation" options enabled, will this change pose a
serious security threat?