Can We disable Lanmanserver service in order to avoid the Null sessions in ONE Domain controller?

Lancelot_Zheng 21 Reputation points
2022-10-08T08:17:21.687+00:00

Hi There,

In the production environment, in order to avoid potential attacks using null sessions on servers, can we disable the Lanmanserver service on one Domain Controller?

As we can see, the Netlogon service relies on this service on one DC.

Can we disable it?

Active Directory

Accepted answer
  1. Limitless Technology 39,416 Reputation points
    2022-10-10T14:10:38.927+00:00

    Hi,

    Thank you for your question and reaching out.

    I understand that you want to know if you can disable the Lanmanserver service on one Domain Controller. You're not able to just "disable" the domain services on it. Windows also does not recommend doing so. However, if you're sure disabling it would help avoid potential attacks on your servers, you may disable it using the PowerShell command below:

    Start-Process powershell -ArgumentList '-noprofile -file C:\Scripts\StopLanManServerService.ps1' -verb RunAs

    or this command instead:

    net stop lanmanserver /y

    --If the reply is helpful, please Upvote and Accept as answer--
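
Before stopping the service as described in the answer above, it helps to see what depends on it and how null-session access is currently configured. The following read-only audit is an added example, not part of the original answer; the registry value names are standard Windows settings that the thread itself does not mention, and the script assumes an elevated PowerShell session on the domain controller.

```powershell
# Added example: read-only audit, nothing on the system is changed.

# 1. Services that depend on LanmanServer. "net stop lanmanserver /y" stops
#    these as well (the question notes that Netlogon is one of them on a DC).
$dependents = (Get-Service -Name LanmanServer).DependentServices |
    Select-Object Name, DisplayName, Status

# 2. Registry values that control anonymous (null session) access.
$lanman = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
$lsa    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$checks = @(
    # 1 = anonymous access limited to the pipes/shares listed in the next two values
    @{ Path = $lanman; Name = 'RestrictNullSessAccess' },
    @{ Path = $lanman; Name = 'NullSessionPipes' },
    @{ Path = $lanman; Name = 'NullSessionShares' },
    # Anonymous enumeration of SAM accounts and shares
    @{ Path = $lsa;    Name = 'RestrictAnonymous' },
    @{ Path = $lsa;    Name = 'RestrictAnonymousSAM' },
    # 0 = Everyone permissions do not apply to anonymous users
    @{ Path = $lsa;    Name = 'EveryoneIncludesAnonymous' }
)

$settings = foreach ($c in $checks) {
    # Missing values come back as $null rather than raising an error
    $value = (Get-ItemProperty -Path $c.Path -Name $c.Name `
                  -ErrorAction SilentlyContinue).($c.Name)
    [pscustomobject]@{
        Key     = $c.Path
        Setting = $c.Name
        Value   = if ($null -eq $value) { '<not set>' } else { $value -join ', ' }
    }
}

'Services that stop together with LanmanServer:'
$dependents | Format-Table -AutoSize

'Current null-session settings:'
$settings | Format-Table -AutoSize -Wrap
```

The output shows which services would go down with LanmanServer and whether anonymous access is already restricted by policy, which is the information needed to weigh the trade-off raised in the question.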


1 additional answer

  1. Dave Patrick 426.2K Reputation points MVP
    2022-10-08T12:52:39.893+00:00

    You can follow along here for hardening steps.
    https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/securing-domain-controllers-against-attack

    --please don't forget to upvote and Accept as answer if the reply is helpful--