Re: Anonymous Access to Shared Folder
- From: david carvalho <davidcarvalho@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 7 Nov 2007 01:31:01 -0800
Hi !
So are you saying that the best way to do this is to enable the guest
account ?
Even thought, I think that it will ask for user/pass. Any idea why the
sugested fix by microsoft doesn't work ?
thanks
"Roger Abell [MVP]" wrote:
Hi,.
Thanks for the clarification, as I was misunderstanding your scenario.
You would be better off enabling the Guest account and granting Guest
share level and NTFS level permissions. Enabling anonymous has
more risk.
Roger
"david carvalho" <davidcarvalho@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6C59FD74-D800-4183-9570-2277ED71F1E9@xxxxxxxxxxxxxxxx
Hi! thanks for the reply. I'm not sure I've explained this. If a user is
already authenticated, he can access \\my.server.name , and it displays
all
the shared folders. The idea is to be able to show this, even if the user
hasn't authenticated yet. This is usefull, because I have a local student
account in the workstations, and since they are quite slow, instead of
loading the user profile locally (and it takes longer if it's the first
time
the user logs in in that machine), it logs with the local account. But
then,
it asks for user/password when accessing \\my.server.name.
"Roger Abell [MVP]" wrote:
David,
I believe that the issue here is not how to enable anonymous access
but how to resolve the issue whereby people logged into the trusted
domain are not having their credentials recognized when they try to
access the folder.
The setting you indicate that adds Anonymous to Everyone is dangerous
to use, and is not in and of itself sufficient to let unauthenticated
access
to the folder work. You later show that the NTFS is sufficient as it has
a grant to Everyone (of course, that is provided that it is a DC that
shares
this, as you say you changed that setting for the DCs - double
dangerous).
You did not mention whether the share level permissions allow access
to Everyone, which is needed also.
So, to the real problem. Is this a forest level trust (W2k3) so that it
supports Kerberos?
Roger
"david carvalho" <davidcarvalho@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:1249A9BD-B439-45E3-8DC7-1905CA45A16E@xxxxxxxxxxxxxxxx
Hi !
I want users with accounts in a trusted domain to access a network
shared
folder
in my domain. Of course, if they input their password, they can access.
But I want to enable the access without prompting the password.
I've read "Enable anonymous access on a domain controller" in following
link
http://technet2.microsoft.com/windowsserver/en/library/883c10c4-450a-4d0d-bec3-66135f2617111033.mspx#BKMK_DC
I've set the policies in "domain security policy" and even "domain
controller security policy" none of them worked not even
simultaneously.
of
Course I've run "gpupdate" to.
Any ideas please ?
Thanks and regards
Dave
- Follow-Ups:
- Re: Anonymous Access to Shared Folder
- From: Roger Abell [MVP]
- Re: Anonymous Access to Shared Folder
- From: Paul Adare
- Re: Anonymous Access to Shared Folder
- References:
- Re: Anonymous Access to Shared Folder
- From: Roger Abell [MVP]
- Re: Anonymous Access to Shared Folder
- From: Roger Abell [MVP]
- Re: Anonymous Access to Shared Folder
- Prev by Date: Re: Anonymous Access to Shared Folder
- Next by Date: Re: Anonymous Access to Shared Folder
- Previous by thread: Re: Anonymous Access to Shared Folder
- Next by thread: Re: Anonymous Access to Shared Folder
- Index(es):
Relevant Pages
|
|
