Guest accessible share not working on Domain Joined Server 2012 R2

MemxIT
MemxIT used Ask the Experts™
on
Security concerns aside, we require a share that had Read access for non-domain joined uses that connect as guest.

Under Server 2008R2 we simply changed 'allow everyone permission to apply to anonymous users' in security policies, enabled the Guest account, set share to everyone, security to everyone on the folder.

I've tried many things in Server 2012 with no resolve, and found numerous postings of people having this issue but some stating they managed to get it working. Their solution didn't work for us.

Additional settings I've tried on local security policy (gpedit.msc)
Restrict anonymous access to named pipes disable
allow anonymous access to named pipes (added our share name to the list)
allow anonymous access to shares (added out share name to the list)

We've restarted the server after each security change.

I know the remote client is coming in as guest by watching the connection using the ShareWatch utility.  The client is either WindowsXP, Win7, or Win8, all of them can now connect to the server and see shares, but opening the share in question give an error that the client does not have permission.

Server: Server 2012 R2 Standard
Tested clients (all non-domain joined): Win7, Win8.1, Server 2003, Server 2012R2

It's strange as Server 2008R2 works and I can't find anything has been changed to 2012.  I even installed the File Services role that gives the Server manager wizard for creating shares and settings quotas etc. I went through it's steps and did everything for a guest share, same issue.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Jackie Man IT Manager
Top Expert 2010

Commented:
Antivirus or third party firewall installed?

Author

Commented:
Currently no. Firewall is set to off, Antivirus has not been deployed yet.  Server and test client are in same subnet, client can browse to server and see list of shares.  When opening share the error persists.  No messages stand out in Event Viewer on Server or client.

Commented:
MemxIT,

A message has been sent to some additional experts asking them to review your question. We will check back again to see if you are getting the help you need.

Please do not respond to this comment; we will be monitoring your question for activity from the Experts.

Thank you for using Experts Exchange,
eenookami
Community Support Moderator
http://www.experts-exchange.com/R_28863.html
HTML5 and CSS3 Fundamentals

Build a website from the ground up by first learning the fundamentals of HTML5 and CSS3, the two popular programming languages used to present content online. HTML deals with fonts, colors, graphics, and hyperlinks, while CSS describes how HTML elements are to be displayed.

Author

Commented:
I have solved this problem 2 days ago and it was caused by a scenario i failed to mention in my initial post. I will post the solution later today when I have access to a computer.
Commented:
The solution:
http://www.briantist.com/errors/server-2012-vmware-esxi-permissions-errors-removable-storage-auditing/

I failed to mention this was in an ESXi 5.5 Environment.  The issue is related to devices being reported to the OS as supporting hot plug. Server 2012 has a new 'feature' called Audit Object Access that blocked hot plug/removable devices from being accessed remotely.

Summary:
gpedit.msc
Enabled Guest Account
Allow everyone permissions to apply to anonymous

Share folder with permissions set for everyone

Run the following from an elevated command line:
auditpol /set /subcategory:"Removable Storage" /failure:disable

Author

Commented:
I found the solution on my own.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial