Re: Anonymous Access to Shared Folder
- From: "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx>
- Date: Wed, 7 Nov 2007 23:21:28 -0700
If I followed what you have stated, you have enabled use of
Everyone to include Anonymous, but there are other settings
that come into play (beyond share level and NTFS level grants,
only the last of which have you indicated as to how they are set)
There is also a policy that governs shares that can be accessed
anonymously. It is sort of a moot point however if you were to
use Guest access.
Roger
"david carvalho" <davidcarvalho@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:60716D50-4C49-4FD2-BF17-41CB61B20693@xxxxxxxxxxxxxxxx
Hi !
So are you saying that the best way to do this is to enable the guest
account ?
Even thought, I think that it will ask for user/pass. Any idea why the
sugested fix by microsoft doesn't work ?
thanks
"Roger Abell [MVP]" wrote:
Hi,
Thanks for the clarification, as I was misunderstanding your scenario.
You would be better off enabling the Guest account and granting Guest
share level and NTFS level permissions. Enabling anonymous has
more risk.
Roger
"david carvalho" <davidcarvalho@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:6C59FD74-D800-4183-9570-2277ED71F1E9@xxxxxxxxxxxxxxxx
Hi! thanks for the reply. I'm not sure I've explained this. If a user
is
already authenticated, he can access \\my.server.name , and it displays
all
the shared folders. The idea is to be able to show this, even if the
user
hasn't authenticated yet. This is usefull, because I have a local
student
account in the workstations, and since they are quite slow, instead of
loading the user profile locally (and it takes longer if it's the first
time
the user logs in in that machine), it logs with the local account. But
then,
it asks for user/password when accessing \\my.server.name.
"Roger Abell [MVP]" wrote:
David,
I believe that the issue here is not how to enable anonymous access
but how to resolve the issue whereby people logged into the trusted
domain are not having their credentials recognized when they try to
access the folder.
The setting you indicate that adds Anonymous to Everyone is dangerous
to use, and is not in and of itself sufficient to let unauthenticated
access
to the folder work. You later show that the NTFS is sufficient as it
has
a grant to Everyone (of course, that is provided that it is a DC that
shares
this, as you say you changed that setting for the DCs - double
dangerous).
You did not mention whether the share level permissions allow access
to Everyone, which is needed also.
So, to the real problem. Is this a forest level trust (W2k3) so that
it
supports Kerberos?
Roger
"david carvalho" <davidcarvalho@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:1249A9BD-B439-45E3-8DC7-1905CA45A16E@xxxxxxxxxxxxxxxx
Hi !
I want users with accounts in a trusted domain to access a network
shared
folder
in my domain. Of course, if they input their password, they can
access.
But I want to enable the access without prompting the password.
I've read "Enable anonymous access on a domain controller" in
following
link
http://technet2.microsoft.com/windowsserver/en/library/883c10c4-450a-4d0d-bec3-66135f2617111033.mspx#BKMK_DC
I've set the policies in "domain security policy" and even "domain
controller security policy" none of them worked not even
simultaneously.
of
Course I've run "gpupdate" to.
Any ideas please ?
Thanks and regards
Dave
.
- References:
- Re: Anonymous Access to Shared Folder
- From: Roger Abell [MVP]
- Re: Anonymous Access to Shared Folder
- From: Roger Abell [MVP]
- Re: Anonymous Access to Shared Folder
- From: david carvalho
- Re: Anonymous Access to Shared Folder
- Prev by Date: Re: Stop Browsing for computers
- Next by Date: Re: Computer Account Password
- Previous by thread: Re: Anonymous Access to Shared Folder
- Next by thread: Re: Anonymous Access to Shared Folder
- Index(es):
Relevant Pages
|
