I'm thinking about taking back the restrict anonymous parameter and using it to do Good Things. Previously in HEAD and currently in 2.2 it stops people connecting to shares anonymously but I think Mr Bartlett removed it because it was either buggy or didn't do anything useful.
I propose that this parameter act like the RestrictAnonymous registry setting, i.e it prevents anonymous access to the SAMR pipe and anonymous access to the NetShareEnum RPC when set to 1. When set to 2, it disallows anonymous access to all RPC pipes. Any objections? There's still some more testing and coding to be done. This may be a good opportunity to implement security descriptors on pipes. Tim.