Network access: Do not allow anonymous enumeration of SAM accounts and shares This policy setting controls the ability of anonymous users to enumerate SAM accounts as well as shares. If you enable this policy setting, anonymous users will not be able to enumerate domain account user names and network share names on the workstations in your environment. The Network access: Do not allow anonymous enumeration of SAM accounts and shares setting is configured to Enabled for the two environments that are discussed in this guide. [enable/disable] (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options!Network access: Do not allow anonymous enumeration of SAM accounts and shares (2) REG: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa!RestrictAnonymous oval:org.secpod.oval:def:22941 SCAP Repo OVAL Definition 2015-01-07