Skip navigation
Menu
End-User Platforms>Windows 7/8

JSI Tip 1943. Domain users/guests can display the list of domain user and domain group accounts?

An ordinary domain user (or domain guest) is granted the Domain List Accounts right. This enables them to display user and group account names.

Microsoft has written LISTACCT.EXE, a tool that will allow you to deny or grant this right. Unfortuneatley, you must call to receive it, mentioning Knowledge Base Article Q180782.

NOTE: You must NOT have RestrictAnonymous (a type REG_DWORD) set to 1 at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA, when users do not have the Domain List Accounts right. If to have to set this value back to 0, or delete the Value Name, you will need to reboot.

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
PowerShell screenshot shows Where-Object cmdlet
How to Use the PowerShell Where-Object Cmdlet
Aug 04, 2022
shield_icon_laptop.jpg
What To Do When Windows Defender Is Not Working
Mar 15, 2022
Computer Screen Showing Password Dialog Box
Microsoft Edge Downloads Updated for Azure AD Sign-In & Sync
Aug 22, 2019
mktg-wp-nolabel5
How to Approach the Windows 7 to 10 Migration
Aug 01, 2019