restrict anonymous

The setting of this parameter determines whether SAMR and LSA DCERPC services can be accessed anonymously. This corresponds to the following Windows Server registry options:
The option also affects the browse option which is required by legacy clients which rely on Netbios browsing. While modern Windows version should be fine with restricting the access there could still be applications relying on anonymous access.
Setting 1 will disable anonymous SAMR access.
Setting 2 will, in addition to restricting SAMR access, disallow anonymous connections to the IPC$ share in general. Setting yes on any share will remove the security advantage.

Supported on: At least Microsoft Windows 7 or Windows Server 2008 family

Registry PathSoftware\Policies\Samba\smb_conf\restrict anonymous
Value Namerestrict anonymous
Default Value0
Min Value
Max Value


Administrative Templates (Computers)