Anonymous LDAP on Windows 2003

Guest

I am in the position that I have to allow anonymous LDAP operations on our
2003 domain controllers. I know that this was allowed by default on Windows
2000, but has been changed on Windows 2003. I wonder what the consequences
are regarding security, and is there any other way of restricting anonymous
access to all objects in AD once it is allowed?

Thanks,
 
I was in this same situation. I enabled anonymous logon for the domain at
the domain level. Then I granted read access to "anonymous logon" to only
the OUs that I needed. We had to do this because the RADIUS servers are in
a different domain/forest and wouldn't authenticate users.
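
Added example, not part of either post: one way to verify that the per-OU scoping described in the reply is what is actually in place, by checking each OU's DACL for allow ACEs that grant read rights to Anonymous Logon (SDDL alias `AN`, SID `S-1-5-7`) and comparing against an approved list. It assumes the security descriptors have already been exported as SDDL strings; the DNs, SDDL strings and function names below are constructed for illustration.

```python
import re

# Trustee field values that denote the Anonymous Logon principal in SDDL.
ANONYMOUS = {"AN", "S-1-5-7"}
# Directory-service read rights: SDDL token -> access-mask bit.
READ_RIGHTS = {"LC": 0x4, "RP": 0x10, "LO": 0x80, "RC": 0x20000,
               "GA": 0x10000000, "GR": 0x80000000}

def read_rights(rights):
    """Read-type rights named in an ACE rights field (token string or hex mask)."""
    if rights.lower().startswith("0x"):
        mask = int(rights, 16)
        return {name for name, bit in READ_RIGHTS.items() if mask & bit}
    return {tok for tok in re.findall("[A-Z]{2}", rights) if tok in READ_RIGHTS}

def anonymous_read(sddl):
    """Sorted read rights that allow ACEs in the DACL grant to Anonymous Logon.
    Deny ACEs and groups that contain Anonymous Logon are not evaluated."""
    dacl = re.search(r"D:[A-Z]*((?:\([^)]*\))+)", sddl)
    granted = set()
    if dacl:
        for ace in re.findall(r"\(([^)]*)\)", dacl.group(1)):
            fields = ace.split(";")  # type;flags;rights;guid;inherit_guid;trustee
            if len(fields) >= 6 and fields[0] in ("A", "OA") and fields[5] in ANONYMOUS:
                granted |= read_rights(fields[2])
    return sorted(granted)

def unexpected_anonymous_read(acls, approved):
    """DNs that grant Anonymous Logon read access but are not on the approved list."""
    ok = {dn.lower() for dn in approved}
    return sorted(dn for dn, sddl in acls.items()
                  if anonymous_read(sddl) and dn.lower() not in ok)

# Constructed sample data (hypothetical OUs and descriptors, not from the thread).
SAMPLE_ACLS = {
    "OU=RadiusUsers,DC=example,DC=com": "O:DAG:DAD:AI(A;CI;LCRPRC;;;AN)(A;CI;GA;;;DA)",
    "OU=Finance,DC=example,DC=com": "O:DAG:DAD:AI(A;CIID;0x20094;;;S-1-5-7)(A;;GA;;;SY)",
    "OU=Servers,DC=example,DC=com": "O:DAG:DAD:AI(A;CI;LCRPRC;;;AU)(D;;RP;;;AN)",
}
APPROVED = ["OU=RadiusUsers,DC=example,DC=com"]

if __name__ == "__main__":
    for dn in unexpected_anonymous_read(SAMPLE_ACLS, APPROVED):
        print("unexpected anonymous read:", dn, anonymous_read(SAMPLE_ACLS[dn]))
```

An inherited ACE (flag `ID`), as on the constructed Finance OU, is reported as well, since it usually means the grant was made higher in the tree than intended.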
 