Knowledgebase
Users able to authenticate with blank password when using Active Directory
Posted by Van Glass on 31 March 2008 05:23 PM
This is due to an AD configuration that has anonymous bind option enabled. Anonymous bind allows users to authenticate using a known username and blank password even though the user has a non-blank password. To disable anonymous binding perform the following:

1. Download Support Tools for Windows 2003 Server at http://www.microsoft.com/downloads/details.aspx?FamilyID=96a35011-fd83-419d-939b-9a772ea2df90&DisplayLang=en

2. Go to C:\Program Files\Support Tools\ and run the application adsiedit.msc. The ADSI Edit application is launched.

3. Navigate to CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration, where is the name of your domain e.g. ad.domain.com

4. Right click the "CN=Directory Services" container, choose "Properties" from the context menu and scroll down to the dsHeuristics attribute.

5. Click the Clear button followed by Apply.

(271 vote(s))
This article was helpful
This article was not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
Help Desk Software by Kayako fusion