everyoneincludesanonymous
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
everyoneincludesanonymous
HKLM\SYSTEM\CurrentControlSet\Control\Lsa
| Data type | Range | Default value |
|---|---|---|
REG_DWORD |
0 | 1 |
0 |
Description
Specifies whether the local Everyone group of users includes anonymous users. Specifically, this entry determines whether the Local Security Authority (LSA) includes the security identifier (SID) of the Everyone group in the security token of an anonymous user.
The Everyone group is a generic group of users that includes all users.
| Value | Meaning |
|---|---|
0 |
The local Everyone group does not include anonymous users. |
1 |
The local Everyone group includes anonymous users. |
Change Method
To change the value of this entry, use the Let Everyone permissions apply to anonymous users local security setting. In Control Panel, click Performance and Maintenance, then click Administrative Tools, and then click Local Security Policy. Double-click Local Policies, and then click Security Options. Right click Network Access: Let Everyone permissions apply to anonymous users, and then click Properties. If the local security setting is Enabled, then the value of this entry is 0. If the local security setting is Disabled, then the value of this entry is 1.
Notes
For more information about the LSA, see the Security Subsystem Architecture section of the Active Directory Data Storage chapter in the Distributed Systems Guide.
Tip
You can mimic the LSA behavior of Windows 2000 by setting the value of this entry to 1.