SV-103379.md
---
scapolite:
class: rule
version: '0.51'
id: SV-103379
id_namespace: mil.disa.Windows-Server-2019-STIG
title: Windows Server 2019 must not allow anonymous enumeration of Security Account
Manager (SAM) accounts.
rule: <see below>
description: <see below>
applicability:
- system: org.scapolite.xccdf.applicability
weight: 10.0
severity: high
implementations:
- relative_id: F-99537r1
description: <see below>
automations:
- system: org.scapolite.implementation.win_gpo
ui_path: 'Computer Configuration\Policies\Windows Settings\Security Settings\Local
Policies\Security Options\Network access: Do not allow anonymous enumeration
of SAM accounts'
value: Enabled
verification_status: Checked.
- system: org.scapolite.implementation.win_secedit
setting_name: MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\RestrictAnonymousSam
section: Registry Values
value: 1
type_value: 4
checks:
- relative_id: '01'
automations:
- system: http://oval.mitre.org/XMLSchema/oval-definitions-5
idref: oval:mil.disa.stig.windows:def:2146
href: U_MS_Windows_Server_2019_V1R3_STIG_SCAP_1-2_Benchmark-oval.xml
crossrefs:
- system: http://iase.disa.mil/cci
idref: CCI-000366
relation: ''
- system: org.scapolite.unknown
idref: "\n "
relation: ''
- system: http://iase.disa.mil/cci
idref: CCI-000366
relation: ''
history:
- version: r1
action: created
description: WN19-SO-000220
internal_comment: ''
---
## /rule
Windows Server 2019 must not allow anonymous enumeration of Security Account Manager (SAM) accounts.
## /description
[**VulnDiscussion**]{.separator type='STIG'}
Anonymous enumeration of SAM accounts allows anonymous logon users (null session connections) to list all accounts names, thus providing a list of potential points to attack the system.
[**Documentable**]{.separator type='STIG'}
false
## /implementations/0/description
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Network access: Do not allow anonymous enumeration of SAM accounts" to "Enabled".
