2 sonuçtan 1 ile 2 arası

Konu: SID Enumeration engellemesi

  1. #1

    Standart SID Enumeration engellemesi

    Selamlar,

    DC'nin ipsini yazarak başka bir bilgisayar SID(USER ID) leri gorebiliyor , bunu nasıl engelliyeceğim hakkında bilgi sahibi olan varmı acaba ?
    teşekkürler
     

  2. #2

    Standart Ynt: SID Enumeration engellemesi

    Merhaba,

    Click Start, Administrative Tools, Local Security Policy (you can also enter secpol.msc at a command prompt or using Start, Run).
    Click on the + next to Local Policies
    Click on Security Options
    On Windows 2000 systems double-click Additional restrictions for anonymous connections in the details pane and select Do not allow enumeration of SAM accounts and shares from the Local policy setting drop-down list.
    On Windows Server 2003 and Windows XP systems select Network access: Allow anonymous SID/Name translation in the details pane and make sure the policy is disabled.
    Click OK and close the console.
    You can also apply the policy across a domain instead of on one individual computer by following these steps:

    Open the Active Directory Users and Computers console screen.
    Right-click the domain and select Properties.
    Click the Group Policy tab.
    Click the Default Domain Policy, and select Edit.
    Drill down through the console pane to Computer Configuration, Windows Settings, Security Settings, Local Policies, Security Options.
    On a Windows 2000 domain, double-click Additional restrictions for anonymous connections. Click the Define this policy option. On the drop-down list, select Do not allow enumeration of SAM accounts and shares.
    On a Windows Server 2003 domain, double-click Network access: Allow anonymous SID/Name translation and make sure the policy is disabled.
    Click OK and close the console.

    Referans:

    http://www.windowsnetworking.com/kba...ionofSIDs.html

    Emre AYDIN
    Emre Aydın
    MVP | Office 365 | Since 2006
    MCT | Since 2005
    MCSD | Azure Solutions Architect
    MCSE | Private Cloud, Messaging, Communication, Server Infrastructure, Productivity, Platform
    MCSA | Office 365, Server 2012, Cloud Platform
    MCTS | Developing Azure Solutions, Implementing Azure Infrastructure, Architecting Microsoft Azure Solutions, SAM
    P-Seller
    Intelligent Cloud | EMS
    Web : www.mshowto.org
    Mail : emre.aydin [@] mshowto.org
    Twitter : https://twitter.com/emreaydn
    Linkedin : tr.linkedin.com/in/emreaydn

Yetkileriniz

  • Konu Açma Yetkiniz Yok
  • Cevap Yazma Yetkiniz Yok
  • Eklenti Yükleme Yetkiniz Yok
  • Mesajınızı Değiştirme Yetkiniz Yok
  •  
Hakkımızda
MSHOWTO, herhangi bir firma ya da kuruluş ile bağı olmayan bağımsız teknik bir topluluktur.
Sosyal Medya Linklerimiz