11

I'm trying to provide machines on a small LAN with read-only, anonymous access to files shared from a Windows 7 workstation (let's call it WIN7SVR). In particular, I don't want clients to have to deal with a login window when they navigate to, e.g., \\WIN7SVR in Windows Explorer, but we do not have a domain and synchronizing accounts between the server and clients would be intractable. There are both Windows 7 and Windows XP clients that need access to these shares.

I got this working for Windows 7 clients by just enabling the Guest account on WIN7SVR and setting appropriate share permissions. Other Windows 7 machines automatically try logging in as Guest, it seems, so their users don't have to deal with the login window. The problem is with the XP clients--they can access the server if the user enters "Guest" in the login window, but I don't want users to have to do that. So from what I gather, in my limited understanding of Windows file sharing, this boils down to granting null sessions access to file shares on WIN7SVR.

But I've had no success so far on that front. I've tried all the following in the local group policy editor on the Windows 7 server:

  • Set Network access: Let Everyone permissions apply to anonymous users to Enabled
  • Set Network access: Restrict anonymous access to Named Pipes and Shares to Disabled
  • Added the names of corresponding shares to Network access: Shares that can be accessed anonymously
  • Added "ANONYMOUS LOGON" to Access this computer from the network under User Rights Assignment

Any advice would be highly appreciated... I'm mostly a Unix guy, so I feel somewhat out of my league with Windows file sharing. I do understand that any sort of anonymous access to file shares isn't generally ideal from a security standpoint, but it's the most practical solution for us in this case, and access to our network is well enough controlled that share-level security isn't a concern.

mshroyer
  • 280
  • 1
  • 3
  • 9

5 Answers5

3

Try enabling the guest account:

  • Control Panel -> Administrative Tools -> Computer Management > Local Users and Groups > Users
  • Right click Guest > Properties
  • Untick "Account is disabled"

Enabling this account worked to resolve this issue for me on Windows Server 2008 R2.

Matthew Lock
  • 125
  • 2
  • 8
1

Couldn't get this to work for a while too. The problem only happens with some XP installations but never with seven.

This solved the problem for me, hope it will help some people!

Network sharing on Server 2008 asking for login

DODMax
  • 11
  • 1
1

I had the same problem in the opposite direction. I was trying to share a printer attached to a Windows XP machine, while all my clients were using Windows 7. I tried a LOT of things. In the end I solved the problem like this:

  1. Enabled Simple Sharing in the Windows XP machine.
  2. Ran the Network Setup Wizard (in the Windows XP machine).
  3. Restarted Windows XP.

Now I can share the Windows XP printer and use it from Windows 7 without getting a login window.

Cesar Daniel
  • 111
  • 2
0

Not sure if this helps you, but it helped me: http://social.technet.microsoft.com/Forums/en/w7itpronetworking/thread/f2988697-d4b4-4427-993c-333f3ea2e6e4

mafu
  • 453
  • 5
  • 10
0

This might be completely off, but do the XP clients have simple file sharing enabled? And are they XP pro or home?

To check on simple file sharing:

  1. Open an explorer window
  2. Click Tools, Folder Options
  3. At the bottom of the list is the checkbox for simple filesharing.
Tim Coker
  • 298
  • 3
  • 8
  • The XP clients are XP Pro, and they have simple file sharing disabled. Thank you for the suggestion, but I tried enabling simple sharing on one of the XP machines and it didn't make a difference. – mshroyer Nov 25 '09 at 20:00
  • Unfortunately I never got to the bottom of this, but we eventually did a fresh reinstall on the XP Pro machines and now your solution works as expected. – mshroyer Aug 08 '10 at 07:26