report on anonymous login in Active directory infrastructure

Hi,

Please assist me in generating a report for anonymous login.

I want to remove Everyone and anonymous group from "Pre-windows 2000 Compatible group" before removing these groups I want to determine with logs.

  • Hi,

    Yes, having Everyone and Anonymous in this group is not recommended. Only Authenticated Users should be there. Do you mean you want to filter out 4624 events like this one?:

    An account was successfully logged on.
    
    Subject:
        Security ID:        NULL SID
        Account Name:        -
        Account Domain:        -
        Logon ID:        0x0
    
    Logon Type:            3
    
    New Logon:
        Security ID:        ANONYMOUS LOGON
        Account Name:        ANONYMOUS LOGON
        Account Domain:        NT AUTHORITY
        Logon ID:        0xed801aa
        Logon GUID:        {00000000-0000-0000-0000-000000000000}