| 154 |
| Restrict anonymous access to network computers |
| When users browse the network for resources, they typically see all of the computers in their |
| workgroup or domain, as well as other resources, such as printers. In many situations, allowing |
| users to browse the network is desirable, or at least acceptable. |
| When users browse the network, computers still appear even if those computers don't share any |
| disks or printers. In almost all situations, simplifying the network interface can improve network |
| usability, so removing these systems from the browse list can be useful. |
| You can add a setting to the registry on Windows 2000 computers that not only hides the computers |
| from the browse list, but also prevents anonymous access to those systems. Add the DWORD setting |
| RestrictAnonymous to the following registry key and set it to a value of 2: |
| HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA |
| Before you change this setting, however, research the effects in more detail--particularly if your |
| network includes older Windows clients. Also, restricting anonymous access can adversely affect |
| some Windows 2000 services and third-party applications. For a more detailed discussion, see |
| article 246261 on Microsoft's Product Support Services Web site. |
| http://support.microsoft.com/default.aspx?scid=kb;en-us;246261 |
| Note: Before making any registry edit, be sure to first back up the registry so that you can restore |
| it if something goes wrong. |
First Previous Next Last |