?
Solved

Accessing Shared Folders

Posted on 2006-11-03
9
Medium Priority
?
1,010 Views
Last Modified: 2008-02-20
Hello Everyone,

I have an evaluation version of Windows Server 2003 Enterprise Edition with SP1.  It is currently acting as an WSUS server for around thirty clients while sitting behind a NAT router.  On the local side of the router, the server provides DNS and WINS services to various Mac, Linux, and Windows  clients.  IIS 6 is configured with the URLScan utility to enhance security in addition to WS2003 SP1's firewall.

I would like to place a single file share on the server, and have that share be read-only.  The share is located on a different partition from the system volume and is configured.  Share permissions are configured to their default values of "Everyone - Read" and NTFS permissions are configured to their default levels, "SERVER\users - Read and Execute".  Active Directory is not a part of this equation in any manner.  There are two accounts on the server, the admin, and a standard user account.  The local PCs have a standard account that utilizes the same username and password and the server's local account.  

When I try to access the share via UNC path, \\SERVER, a prompt appears asking for a password.  I expected this, but the username is "guest" and is greyed-out.  The guest account is disabled on the server, and has no future of being enabled.  WS2003 is insecure as it is without the guest account turned on.  If I try to access the share via UNC from a Vista RC2 machine, I get a prompt but this time the username and password are blank.  Any combination of username and password will not work.  

What gives?  Is this one of WS2003's undocumented features?

Thanks
0
Comment
Question by:Jason Watkins
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
9 Comments
 
LVL 7

Expert Comment

by:krakken
ID: 17867969
Username syntax should be server\username as far as I know.  

Is the username and password the same on the server as it is for the workstations?
0
 
LVL 1

Expert Comment

by:brice626
ID: 17868267
Have you tried mapping the share using "net use"? I've found oftentimes that using explorer to just try and access a share in a non-domain environment can be very difficult for a variety of reasons. There a bunch of settings I can think of, but before that, want to see if you can map it?

net use driveletter: \\servername\sharename /u:"user" "password"
0
 
LVL 27

Author Comment

by:Jason Watkins
ID: 17868380
Net use does not make a connection.  Results are:

System error 86 has occurred.

The specified network password is not correct.

The username and passwords are the same on each end.

Thanks for the replies.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 27

Author Comment

by:Jason Watkins
ID: 17868438
Windows XP produces this error (The above error was from Vista RC2)

System error 1326 has occurred.

Logon failure: unknown user name or bad password.

Thx
0
 
LVL 1

Expert Comment

by:brice626
ID: 17868620
In group policy, under Security Settings, Local Policies, User Rights Assignment, is this user included in the "Access this computer from the network" setting?
0
 
LVL 27

Author Comment

by:Jason Watkins
ID: 17868709
Yes, I checked this and everyone plus all groups are listed as able, the only ones that are denied are "ASPNET"

Weird, I have never seen this on WS2003, Win2k yes, but not 2003...
0
 
LVL 1

Accepted Solution

by:
brice626 earned 2000 total points
ID: 17868858
Hrm, that is confusing. We run a domain configuration and once needed a non-domain computer to be able to access a share. It was so difficult we ended up just making it a null share, so the non-domain computer could access it (read only of course) without a username and password. It was easier and it worked. If you'd be interested in that (or perhaps part of these steps can help solve your problem)

1) In group policy:
Network access: Let Everyone permissions apply to anonymous users (Enabled)
Network access: Shares that can be accessed anonymously (yoursharename, IPC$, COMCFG, DFS$)
User rights assignment: Access this computer from the network (Everyone (and any others))

2) Share the folder, granting:

NTFS Permissions:
Everyone (read, read and execute, list folder contents)

and Share Permissions
Everyone (Read, Modify)

then we map the drive from the client:

3) net use driveletter: \\servername\sharename /u:"" ""

that last line is two double-quotes, space, two double-quotes.
0
 
LVL 27

Author Comment

by:Jason Watkins
ID: 17870193
Thanks, that did it...
0
 
LVL 1

Expert Comment

by:brice626
ID: 17870220
No problem! Glad to hear it worked.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question