This policy setting enables or disables the ability of an anonymous user to request security identifier (SID) attributes for another user.
If this policy setting is enabled, a user might use the well-known Administrators SID to get the real name of the built-in Administrator account, even if the account has been renamed. That person might then use the account name to initiate a brute-force password-guessing attack.
Misuse of this policy setting is a common error that can cause data loss or problems with data access or security.
Best practices
Set this policy to Disabled. This is the default value on member computers; therefore, it will have no impact on them. The default value for domain controllers is Enabled.
Location
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options
Hope this information can help you
Best wishes
Vicky