PaulDotCom mailing list archives
Re: mass user creation on 2008 then enumeration
From: Ryan B <broadydownunder () gmail com>
Date: Wed, 1 May 2013 09:59:25 +1000
Hi Robin, To create a bunch of fake users in Server 2008, you can use PowerShell and a CSV file. Use something like GenerateData to create the user accounts: http://www.generatedata.com/#generator Once you've got your CSV file, follow the tutorial here to get your users into the AD: http://www.howtogeek.com/50187/how-to-create-multiple-users-in-server-2008-with-powershell/ Regarding the Null Session Enumeration, after you've adjusted the Registry, you'll also have to make some changes to the Group Policy Settings in gpedit. The following list is from a hardening guide so I would just reverse the settings and it should work. There are 6 policies listed below that controls what information can be accessed anonymously. These policies are located in local group policy editor under *Computer Configuration\Windows Settings\SecuritySettings\Local Policies\SecurityOptions.* 1. Network access: Allow anonymous SID/Name translation 2. Network access: Do not allow anonymous enumeration of SAM accounts 3. Network access: Do not allow anonymous enumeration of SAM accounts and shares 4. Network access: Let Everyone permissions apply to anonymous users 5. Network access: Named Pipes that can be accessed anonymously 6. Network access: Shares that can be accessed anonymously In order to completely disable anonymous logons, you can disable policy 1 and 4, enable policy 2 and 3, and specifying empty lists for policy 5 and 6. Cheers Ryan On Wed, May 1, 2013 at 1:48 AM, Robin Wood <robin () digininja org> wrote:
I'm setting up a lab for some training I've got and I need to set up a bunch of users on my 2008 DC. I know there are scripts to do this but can't find any, has anyone got a good one? I also want to enable NULL session enumeration as it is off by default on 2008. I've set the RestrictNullSessAccess registry key to 0 but it is still disabled, what else do I need to set? Robin _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- mass user creation on 2008 then enumeration Robin Wood (Apr 30)
- Re: mass user creation on 2008 then enumeration Michael Allen (Apr 30)
- Re: mass user creation on 2008 then enumeration Michael Allen (Apr 30)
- Re: mass user creation on 2008 then enumeration Barry Von Ahsen (Apr 30)
- Re: mass user creation on 2008 then enumeration Carlos Perez (Apr 30)
- Re: mass user creation on 2008 then enumeration Ryan B (Apr 30)
- Re: mass user creation on 2008 then enumeration Tony Turner (Apr 30)
- Re: mass user creation on 2008 then enumeration S. White (Apr 30)
- Re: mass user creation on 2008 then enumeration Robin Wood (Apr 30)
- Re: mass user creation on 2008 then enumeration ben smith (May 01)
- Re: mass user creation on 2008 then enumeration Robin Wood (May 02)
- Re: mass user creation on 2008 then enumeration Robin Wood (Apr 30)
- Re: mass user creation on 2008 then enumeration Michael Allen (Apr 30)