Shared folder without the password

[ikon]

Enabling the Guest account will get around this, but it's not recommended.

 

jmwills, I thought 'Everyone' means all of the accounts that the server knows about, not everyone everyone. My understanding is that it's a shortcut way to grant universal account access without having to specifically grant permissions to each group or account.

[jmwills]

Authenticated Users is all accounts AD knows about. Everyone is Everyone who can gain access.

 

I think this gan be resolved by enteting the needed credentilas in the credentials manager and stay away from the guest account.

[hoorah]

Enabling the Guest account will get around this, but it's not recommended.

 

 

Even still, sometimes even that is not enough.  Like I mentioned earlier, on the windows 7 side, even enabling guest account doesn't allow people to access shares.  I had to go in to the security policy and disable an option that says "deny guest logon via network" or something similar.  Let me see if I can find the instructions.

 

I am not sure if things are the same on the windows server side or not.

 

My solution so far has been to use a "media" account with a basic password that is the same for all of my HTPCs and just save the credentials in the credentials manager.  If I have an actual guest that needs access I give them the same login and password.

 

I think this is referencing the same issue:

 

http://www.techsupportforum.com/forums/f138/solved-logon-failure-the-user-has-not-been-granted-the-requested-logon-type-at-thi-211277.html

 

 

Open local security policy:

Start -> Programs -> Administrative Tools -> Local Security Policy

OR

Start -> Run -> "secpol.msc" <enter>

OR

Start -> Run -> "gpedit.msc" <enter> -> Computer Configuration -> Windows Settings

 

 

And then:

 

 

Security Settings -> Local Policies -> User Rights Assignment

 

 

Doube click "Access this computer from the network" and check that EVERYONE is added to the list. If not add it.

 

 

I am posting this because many many guys have faced this trouble and hoping this would help them all.

 

[mrossco]

I'm recalling this from memory, so if I'm a bit fuzzy or my information is dated, I apologize...

 

First, I would absolutely NOT recommend you do this.  The easiest way to get what you want is to make sure everyone in the household has a userid and password on their computer that matches the one you setup for them in WHS/WSE.  On WSE, the Active Directory Users and Computers snap-in can be used to setup the drive mount pretty easily.

 

However, if you really want to allow anonymous access to a share on your server, then what you want to do is allow Everyone access to the share.  You can do this through the Dashboard.  Once configured, you'll also need to loosen a few security settings to allow Anonymous connections.  First, you'll need to set go to Administrative Tools and open Local Security Policy.  Next, you'll need to go to Local Policies -> Security Options.  There, you'll find a key called "Network Access:  Let Everyone permissions apply to anonymous users".  Double-click and enable this setting.  This will allow anonymous (unauthenticated users) to part of the Everyone group.  Next, you'll need to do one of two things.  You can either navigate to "Network Access: Shares that can be accessed anonymously" and add the name of the share everyone will need access to, limiting anonymous access to that purpose, or you'll need to find the key "Network Access:  Restrict anonymous access to Named Pipes and Shares" and disable it, allowing anonymous access to a lot more areas of your server.

 

I hope this helps.

[Robert Pearman]

I will just chime in and say, i agree with the 'Anonymous' suggestion.

 

In earlier OSs Everyone was sufficient, but i beleive in 2008r2 it changed.

 

http://technet.microsoft.com/en-gb/library/cc754178.aspx

 

http://technet.microsoft.com/en-gb/library/cc732880.aspx

"In this version of Windows, the Everyone group does not include the Anonymous Logon group by default, so permissions applied to the Everyone group do not affect the Anonymous Logon group."