Hi Robin, To create a bunch of fake users in Server 2008, you can use PowerShell and a CSV file.
Use something like GenerateData to create the user accounts: http://www.generatedata.com/#generator Once you've got your CSV file, follow the tutorial here to get your users into the AD: http://www.howtogeek.com/50187/how-to-create-multiple-users-in-server-2008-with-powershell/ Regarding the Null Session Enumeration, after you've adjusted the Registry, you'll also have to make some changes to the Group Policy Settings in gpedit. The following list is from a hardening guide so I would just reverse the settings and it should work. There are 6 policies listed below that controls what information can be accessed anonymously. These policies are located in local group policy editor under *Computer Configuration\Windows Settings\SecuritySettings\Local Policies\SecurityOptions.* 1. Network access: Allow anonymous SID/Name translation 2. Network access: Do not allow anonymous enumeration of SAM accounts 3. Network access: Do not allow anonymous enumeration of SAM accounts and shares 4. Network access: Let Everyone permissions apply to anonymous users 5. Network access: Named Pipes that can be accessed anonymously 6. Network access: Shares that can be accessed anonymously In order to completely disable anonymous logons, you can disable policy 1 and 4, enable policy 2 and 3, and specifying empty lists for policy 5 and 6. Cheers Ryan On Wed, May 1, 2013 at 1:48 AM, Robin Wood <[email protected]> wrote: > I'm setting up a lab for some training I've got and I need to set up a > bunch of users on my 2008 DC. I know there are scripts to do this but can't > find any, has anyone got a good one? > > I also want to enable NULL session enumeration as it is off by default on > 2008. I've set the RestrictNullSessAccess registry key to 0 but it is still > disabled, what else do I need to set? > > Robin > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
