Windows 2003 security issue

After a new installation of Windows server 2003 (first Domain Controller) I have shared a few folders with different user rights. Everityng is working fine. All domain users have aceess to the folders that they suppose to have. But when I got connected a laptop to my wireless part of the network and this laptop is not part of this domain, and login to this laptop with any local username. I'm able to browse to all shared folders on my server. Any idea why is this and how to preven it.
Thanks for the help!  
LVL 1
tombbonbAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Darius GhassemCommented:
Do you have the guest or Anonymous logon granting any access?
tigermattCommented:
If the shares on the server are granted access for the Guest or Anonymous accounts, then that will be one problem.

If the laptop has a local user account which happens to have exactly the same username and password as one of the domain user accounts, that will automatically grant the laptop access.
Darius GhassemCommented:
TigerMatt,

That is the first time I have ever heard that you can do that since Security Identifier (SID) are created for every account even if the account has the same name it will still get a different SID for domain or local accounts.
SD-WAN: Making It Work for You

As bandwidth requirements and Internet costs grow, businesses naturally want to manage budgets by reducing reliance on their most expensive connection types. Learn more about how to make SD-WAN work for your business in our on-demand webinar!

tigermattCommented:
Yes - the method of same user account on two workstations/networks is a widely publicised method for doing auto-login between two separate computer systems. Surprisingly, it works very well.

It's commonly used for peer-to-peer networks where each workstation has the same user accounts and passwords, but works with servers and laptops/PCs not on the domain just as well.
Darius GhassemCommented:
Now I vaguely remember this might be available in peer to peer but not domain environment. Do you have any documentation that I could look over to get familiar with this?
tigermattCommented:
I've used it in domain environments before, so I know it can be done :-)
I can't find any docs to say this - I'll check again but a quick search didn't turn anything up. I think it's just a case of one of those things you just "know" it can be done, once you've done it yourself. I don't even know if Microsoft publicise it themselves...
Darius GhassemCommented:
I think the points need to be split.
TolomirAdministratorCommented:
Well actually I'm waiting for the confirmation that it can be done.

Computer101Commented:
PAQed with no points refunded (of 500)

Computer101
EE Admin

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.