Anonymous SID/name translation (Windows)

Module: Network Integrity

Supported Platforms: Windows 2003, Windows 2008

This check reports the Group Policy setting which allows anonymous SID/name translation.

The following table lists the error message for the check.

Table: Error message for Anonymous SID/name translation

Message String ID and Category	Platform and Message Numeric ID	Message Title and Description	Additional Information
String ID: ESM_ANONYMOUS_SID_NAME_TRANSLATION Category: Change Notification	Windows 2003 (206359) Windows 2008 (249359)	Title: Anonymous SID/name translation allowed Description:This security setting determines if an anonymous user can request security identifier (SID) attributes for another user. If this policy is enabled, a user with knowledge of an administrator's SID could contact a computer that has this policy enabled and use the SID to get the administrator's name.	Severity: yellow-3 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: ESM_ANONYMOUS_SID_NAME_TRANSLATION

Category: Change Notification

Windows 2003 (206359)
Windows 2008 (249359)

Title: Anonymous SID/name translation allowed

Description:This security setting determines if an anonymous user can request security identifier (SID) attributes for another user. If this policy is enabled, a user with knowledge of an administrator's SID could contact a computer that has this policy enabled and use the SID to get the administrator's name.

Severity: yellow-3

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]