This policy setting prevents connected users from being enumerated on domain-joined computers. If you enable this policy setting, the Logon UI will not enumerate any connected users on domain-joined computers. If you disable or do not configure this policy setting, connected users will be enumerated on domain-joined computers. Counter Measure: Enable this policy setting. Potential Impact: If you enable this policy setting, the Logon UI will not enumerate any connected users on domain-joined computers. If you disable or do not configure this policy setting, connected users will be enumerated on domain-joined computers." Fix: (1) GPO: Computer Configuration\Administrative Templates\System\Logon\Do not enumerate connected users on domain-joined computers (2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\System!DontEnumerateConnectedUsers