I have been using the setting of "Do not allow enumeration of SAM accounts and shares" in a domain wide GPO which is equivalent of setting RestrictAnonymous to 1 in the registry. This did not stop the null session attacks from occurring. According to the following KB article, using a RestrictAnonymous setting of 2 (no access without explicit permissions) will have some major effects in domains with down-level clients, and it may also break the browser service. http://support.microsoft.com/search/preview.aspx?scid=kb;en-us;Q246261 Has anyone seen the problems outlined in this article while using the 2 setting? Doug ---- Michigan State University University Services Email: [log in to unmask] Voice: 517/355-0357 Ext. 163 Fax: 517/353-2024