Disabling Null Sessions - Potential issues?

  • Thread starter Thread starter Munson
  • Start date Start date
M

Munson

Right now we are running a mixed environment in AD - some Windows
Server 2003 and some Windows Server 2000. We are looking into disabling
null sessions on the Win2K servers, but we want to make sure that we
don't break anything.

What are the any potential issues that could arise because null
sessions have been disabled?

Thanks,

Mike L.
 
Microsoft used to not recommend doing such on Windows 2000 domain
controllers for a variety of reasons including problems with older versions
of XP Pro in that users could not change their passwords. For non domain
controllers you probably will not have any issues and most problems arise
from using downlevel [pre W2K] clients and domain trusts outside of the
forest. The links below should help in explaining possible consequences. For
what it is worth if other security best practices are being followed I
consider null sessions to be very low on the list of security threats. ---
Steve

http://support.microsoft.com/?kbid=246261
http://support.microsoft.com/default.aspx?scid=kb;en-us;823659 ---
pertinent info starts in number 7 under security settings.
 
Back
Top