Knowledgebase
Users able to authenticate with blank password when using Active Directory
Posted by Van Glass on 31 March 2008 05:23 PM
This is due to an AD configuration that has anonymous bind option enabled. Anonymous bind allows users to authenticate using a known username and blank password even though the user has a non-blank password. To disable anonymous binding perform the following:

1. Download Support Tools for Windows 2003 Server at http://www.microsoft.com/downloads/details.aspx?FamilyID=96a35011-fd83-419d-939b-9a772ea2df90&DisplayLang=en

2. Go to C:\Program Files\Support Tools\ and run the application adsiedit.msc. The ADSI Edit application is launched.

3. Navigate to CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration, where is the name of your domain e.g. ad.domain.com

4. Right click the "CN=Directory Services" container, choose "Properties" from the context menu and scroll down to the dsHeuristics attribute.

5. Click the Clear button followed by Apply.

(271 vote(s))
This article was helpful
This article was not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
CAPTCHA Verification 
 
Please enter the text you see in the image into the textbox below. This is required to prevent automated registrations and form submissions.

Help Desk Software by Kayako fusion