Solved

Accessing Shared Folders

Posted on 2006-11-03
9
1,002 Views
Last Modified: 2008-02-20
Hello Everyone,

I have an evaluation version of Windows Server 2003 Enterprise Edition with SP1.  It is currently acting as an WSUS server for around thirty clients while sitting behind a NAT router.  On the local side of the router, the server provides DNS and WINS services to various Mac, Linux, and Windows  clients.  IIS 6 is configured with the URLScan utility to enhance security in addition to WS2003 SP1's firewall.

I would like to place a single file share on the server, and have that share be read-only.  The share is located on a different partition from the system volume and is configured.  Share permissions are configured to their default values of "Everyone - Read" and NTFS permissions are configured to their default levels, "SERVER\users - Read and Execute".  Active Directory is not a part of this equation in any manner.  There are two accounts on the server, the admin, and a standard user account.  The local PCs have a standard account that utilizes the same username and password and the server's local account.  

When I try to access the share via UNC path, \\SERVER, a prompt appears asking for a password.  I expected this, but the username is "guest" and is greyed-out.  The guest account is disabled on the server, and has no future of being enabled.  WS2003 is insecure as it is without the guest account turned on.  If I try to access the share via UNC from a Vista RC2 machine, I get a prompt but this time the username and password are blank.  Any combination of username and password will not work.  

What gives?  Is this one of WS2003's undocumented features?

Thanks
0
Comment
Question by:Jason Watkins
  • 4
  • 4
9 Comments
 
LVL 7

Expert Comment

by:krakken
ID: 17867969
Username syntax should be server\username as far as I know.  

Is the username and password the same on the server as it is for the workstations?
0
 
LVL 1

Expert Comment

by:brice626
ID: 17868267
Have you tried mapping the share using "net use"? I've found oftentimes that using explorer to just try and access a share in a non-domain environment can be very difficult for a variety of reasons. There a bunch of settings I can think of, but before that, want to see if you can map it?

net use driveletter: \\servername\sharename /u:"user" "password"
0
 
LVL 27

Author Comment

by:Jason Watkins
ID: 17868380
Net use does not make a connection.  Results are:

System error 86 has occurred.

The specified network password is not correct.

The username and passwords are the same on each end.

Thanks for the replies.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 27

Author Comment

by:Jason Watkins
ID: 17868438
Windows XP produces this error (The above error was from Vista RC2)

System error 1326 has occurred.

Logon failure: unknown user name or bad password.

Thx
0
 
LVL 1

Expert Comment

by:brice626
ID: 17868620
In group policy, under Security Settings, Local Policies, User Rights Assignment, is this user included in the "Access this computer from the network" setting?
0
 
LVL 27

Author Comment

by:Jason Watkins
ID: 17868709
Yes, I checked this and everyone plus all groups are listed as able, the only ones that are denied are "ASPNET"

Weird, I have never seen this on WS2003, Win2k yes, but not 2003...
0
 
LVL 1

Accepted Solution

by:
brice626 earned 500 total points
ID: 17868858
Hrm, that is confusing. We run a domain configuration and once needed a non-domain computer to be able to access a share. It was so difficult we ended up just making it a null share, so the non-domain computer could access it (read only of course) without a username and password. It was easier and it worked. If you'd be interested in that (or perhaps part of these steps can help solve your problem)

1) In group policy:
Network access: Let Everyone permissions apply to anonymous users (Enabled)
Network access: Shares that can be accessed anonymously (yoursharename, IPC$, COMCFG, DFS$)
User rights assignment: Access this computer from the network (Everyone (and any others))

2) Share the folder, granting:

NTFS Permissions:
Everyone (read, read and execute, list folder contents)

and Share Permissions
Everyone (Read, Modify)

then we map the drive from the client:

3) net use driveletter: \\servername\sharename /u:"" ""

that last line is two double-quotes, space, two double-quotes.
0
 
LVL 27

Author Comment

by:Jason Watkins
ID: 17870193
Thanks, that did it...
0
 
LVL 1

Expert Comment

by:brice626
ID: 17870220
No problem! Glad to hear it worked.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Screen Mirroring 7 69
Differences between server 2003 NTLM SSP and the newer server versions in GPO 5 40
SolarWind and DNS Server 12 81
MS Endpoint Protection 2 25
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

822 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question