Solved

Guest accessible share not working on Domain Joined Server 2012 R2

Posted on 2014-02-27
7
2,834 Views
Last Modified: 2014-04-12
Security concerns aside, we require a share that had Read access for non-domain joined uses that connect as guest.

Under Server 2008R2 we simply changed 'allow everyone permission to apply to anonymous users' in security policies, enabled the Guest account, set share to everyone, security to everyone on the folder.

I've tried many things in Server 2012 with no resolve, and found numerous postings of people having this issue but some stating they managed to get it working. Their solution didn't work for us.

Additional settings I've tried on local security policy (gpedit.msc)
Restrict anonymous access to named pipes disable
allow anonymous access to named pipes (added our share name to the list)
allow anonymous access to shares (added out share name to the list)

We've restarted the server after each security change.

I know the remote client is coming in as guest by watching the connection using the ShareWatch utility.  The client is either WindowsXP, Win7, or Win8, all of them can now connect to the server and see shares, but opening the share in question give an error that the client does not have permission.

Server: Server 2012 R2 Standard
Tested clients (all non-domain joined): Win7, Win8.1, Server 2003, Server 2012R2

It's strange as Server 2008R2 works and I can't find anything has been changed to 2012.  I even installed the File Services role that gives the Server manager wizard for creating shares and settings quotas etc. I went through it's steps and did everything for a guest share, same issue.
0
Comment
Question by:MemxIT
  • 4
7 Comments
 
LVL 42

Expert Comment

by:Jackie Man
ID: 39902146
Antivirus or third party firewall installed?
0
 

Author Comment

by:MemxIT
ID: 39902231
Currently no. Firewall is set to off, Antivirus has not been deployed yet.  Server and test client are in same subnet, client can browse to server and see list of shares.  When opening share the error persists.  No messages stand out in Event Viewer on Server or client.
0
 
LVL 2

Expert Comment

by:Rob Jurd (eenookami)
ID: 39947167
MemxIT,

A message has been sent to some additional experts asking them to review your question. We will check back again to see if you are getting the help you need.

Please do not respond to this comment; we will be monitoring your question for activity from the Experts.

Thank you for using Experts Exchange,
eenookami
Community Support Moderator
http://www.experts-exchange.com/R_28863.html
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 

Author Comment

by:MemxIT
ID: 39947622
I have solved this problem 2 days ago and it was caused by a scenario i failed to mention in my initial post. I will post the solution later today when I have access to a computer.
0
 

Accepted Solution

by:
MemxIT earned 0 total points
ID: 39983338
The solution:
http://www.briantist.com/errors/server-2012-vmware-esxi-permissions-errors-removable-storage-auditing/

I failed to mention this was in an ESXi 5.5 Environment.  The issue is related to devices being reported to the OS as supporting hot plug. Server 2012 has a new 'feature' called Audit Object Access that blocked hot plug/removable devices from being accessed remotely.

Summary:
gpedit.msc
Enabled Guest Account
Allow everyone permissions to apply to anonymous

Share folder with permissions set for everyone

Run the following from an elevated command line:
auditpol /set /subcategory:"Removable Storage" /failure:disable
0
 

Author Closing Comment

by:MemxIT
ID: 39995819
I found the solution on my own.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply. This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now