Accessing Shared Folders

Posted on 2006-11-03
Last Modified: 2008-02-20
Hello Everyone,

I have an evaluation version of Windows Server 2003 Enterprise Edition with SP1.  It is currently acting as an WSUS server for around thirty clients while sitting behind a NAT router.  On the local side of the router, the server provides DNS and WINS services to various Mac, Linux, and Windows  clients.  IIS 6 is configured with the URLScan utility to enhance security in addition to WS2003 SP1's firewall.

I would like to place a single file share on the server, and have that share be read-only.  The share is located on a different partition from the system volume and is configured.  Share permissions are configured to their default values of "Everyone - Read" and NTFS permissions are configured to their default levels, "SERVER\users - Read and Execute".  Active Directory is not a part of this equation in any manner.  There are two accounts on the server, the admin, and a standard user account.  The local PCs have a standard account that utilizes the same username and password and the server's local account.  

When I try to access the share via UNC path, \\SERVER, a prompt appears asking for a password.  I expected this, but the username is "guest" and is greyed-out.  The guest account is disabled on the server, and has no future of being enabled.  WS2003 is insecure as it is without the guest account turned on.  If I try to access the share via UNC from a Vista RC2 machine, I get a prompt but this time the username and password are blank.  Any combination of username and password will not work.  

What gives?  Is this one of WS2003's undocumented features?

Question by:Jason Watkins
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4

Expert Comment

ID: 17867969
Username syntax should be server\username as far as I know.  

Is the username and password the same on the server as it is for the workstations?

Expert Comment

ID: 17868267
Have you tried mapping the share using "net use"? I've found oftentimes that using explorer to just try and access a share in a non-domain environment can be very difficult for a variety of reasons. There a bunch of settings I can think of, but before that, want to see if you can map it?

net use driveletter: \\servername\sharename /u:"user" "password"
LVL 27

Author Comment

by:Jason Watkins
ID: 17868380
Net use does not make a connection.  Results are:

System error 86 has occurred.

The specified network password is not correct.

The username and passwords are the same on each end.

Thanks for the replies.
Free Webinar: AWS Backup & DR

Join our upcoming webinar with experts from AWS, CloudBerry Lab, and the Town of Edgartown IT to discuss best practices for simplifying online backup management and cutting costs.

LVL 27

Author Comment

by:Jason Watkins
ID: 17868438
Windows XP produces this error (The above error was from Vista RC2)

System error 1326 has occurred.

Logon failure: unknown user name or bad password.


Expert Comment

ID: 17868620
In group policy, under Security Settings, Local Policies, User Rights Assignment, is this user included in the "Access this computer from the network" setting?
LVL 27

Author Comment

by:Jason Watkins
ID: 17868709
Yes, I checked this and everyone plus all groups are listed as able, the only ones that are denied are "ASPNET"

Weird, I have never seen this on WS2003, Win2k yes, but not 2003...

Accepted Solution

brice626 earned 500 total points
ID: 17868858
Hrm, that is confusing. We run a domain configuration and once needed a non-domain computer to be able to access a share. It was so difficult we ended up just making it a null share, so the non-domain computer could access it (read only of course) without a username and password. It was easier and it worked. If you'd be interested in that (or perhaps part of these steps can help solve your problem)

1) In group policy:
Network access: Let Everyone permissions apply to anonymous users (Enabled)
Network access: Shares that can be accessed anonymously (yoursharename, IPC$, COMCFG, DFS$)
User rights assignment: Access this computer from the network (Everyone (and any others))

2) Share the folder, granting:

NTFS Permissions:
Everyone (read, read and execute, list folder contents)

and Share Permissions
Everyone (Read, Modify)

then we map the drive from the client:

3) net use driveletter: \\servername\sharename /u:"" ""

that last line is two double-quotes, space, two double-quotes.
LVL 27

Author Comment

by:Jason Watkins
ID: 17870193
Thanks, that did it...

Expert Comment

ID: 17870220
No problem! Glad to hear it worked.

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
In an interesting question ( here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question