CIFS Shares Are Able To Be Enumerated By A NULL User

  • 7011886
  • 05-Mar-2013
  • 05-Mar-2013

Environment

Novell NetWare 6.5 Support Pack 8
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 3
Novell Open Enterprise Server 11 (OES 11) Linux Support Pack 2

Situation

By default, NULL users can enumerate CIFS shares under NetWare and OES. This is true on Windows, NetWare, and OES (as the latter two emulate the first).

Resolution

Disallowing NULL users from enumerating shares can cause various issues, as some applications depend on it in order to function correctly (or to function at all). NULL users are intentionally allowed to enumerate shares because clients and applications use "NULL user" sessions to perform various tasks, such as enumerating shares, getting lists of machines, and the "change password" feature on Windows NT and Mac clients. More details can be found in the following Microsoft article:
 
This does not pose a security risk on NetWare or OES servers, as all access and rights to the NSS shares (the only shares available to CIFS on these particular operating systems) are controlled via eDirectory.