Anonymous Login

Posted on 2009-06-29
Medium Priority
Last Modified: 2012-05-07

recently had a domain with one Domain controller. decided didnt want domain so deauthenticated the domain controller to a standard Member Server.....now when users login all i see is anonymous login....it shows there computer and ip address where this person is logging into, but i have no clue as to why all most all the users are showing anonymos login....any help is appreciated..thanks,,,
Question by:westhelpdesk
  • 3
  • 2
LVL 18

Expert Comment

ID: 24735392
Your users :
-was domain user
-are local server user

When a fileserver share outside a domain receive a session authentication, it looks its local users to authenticate:
-if the user provided a {fileserver\username + pwd} credentials, the fileserver opens a normal user session
-otherwise, the anonymous user is used

Your fileserver is wide open to any of your internal network connected client

Having a domain allows to manage a better resource sharing...

Author Comment

ID: 24735529
so....are you saying that this is normal behavior for just a regular 2003 file server...because all users are connecting to the file server with their username and passwords.......all though i do see that for some users it is showing the username and not anonymous login......so i guess my question in more detail is why is some users names showing up as anonymous login and other user names are showing up with the username?

thanks for all your help......also...

when you made this statement...

Your fileserver is wide open to any of your internal network connected client!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

What exactly did you mean?

thanks again!!!!
LVL 18

Expert Comment

ID: 24735565
Some users send a username/pwd which is known locally at your fileserver. They are not anonymous...

Anybody which can access to your fileserver (If he can ping it), can use the file shares as an "anonymous" user !
==> Usually, the anonymous user is disabled on those servers

Author Comment

ID: 24736863
what can i do to stop this.......so every user who connects to this file server will show there user name...


LVL 18

Accepted Solution

BigSchmuh earned 2000 total points
ID: 24737029
If you disable the anonymous user, those users without local credentials won't be allowed to connect to the shares (they won't even be able to see the server)

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
Native ability to set a user account password via AD GPO was removed because the passwords can be easily decrypted by any authenticated user in the domain. Microsoft recommends LAPS as a replacement and I have written an article that does something …
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

619 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question