Do not enumerate connected users on domain-joined computersID: oval:org.secpod.oval:def:35390 | Date: (C)2016-06-10 (M)2023-12-13 |
Class: COMPLIANCE | Family: windows |
This policy setting prevents connected users from being enumerated on domain-joined computers.
If you enable this policy setting, the Logon UI will not enumerate any connected users on domain-joined computers.
If you disable or do not configure this policy setting, connected users will be enumerated on domain-joined computers.
Counter Measure:
Enable this policy setting.
Potential Impact:
If you enable this policy setting, the Logon UI will not enumerate any connected users on domain-joined computers.
If you disable or do not configure this policy setting, connected users will be enumerated on domain-joined computers."
Fix:
(1) GPO: Computer Configuration\Administrative Templates\System\Logon\Do not enumerate connected users on domain-joined computers
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\System!DontEnumerateConnectedUsers
Platform: |
Microsoft Windows 10 |