It restricts the use of anonymous/null sessions to retrieve information on
your computer such as user/group information and even a bunch more. A
properly configured firewall will also block access to that info. Setting 1
for do not allow anonymous enumeration of sam accounts and shares is usually
safe to use. The 2 setting for no access wihout explicit anonymous
permissions should be used with caution, particualrly on domain controllers
as downlevel clients such as W98/NT4.0 and even XP can have problems with
things like accessing resources or changing passwords. The free Windows 2000
Security Hardening Guide has specific recommendations on that setting and
the KB link below details potential issues. --- Steve
http://support.microsoft.com/default.aspx?scid=kb;en-us;823659
