Solved

Guest accessible share not working on Domain Joined Server 2012 R2

Posted on 2014-02-27
7
2,921 Views
Last Modified: 2014-04-12
Security concerns aside, we require a share that had Read access for non-domain joined uses that connect as guest.

Under Server 2008R2 we simply changed 'allow everyone permission to apply to anonymous users' in security policies, enabled the Guest account, set share to everyone, security to everyone on the folder.

I've tried many things in Server 2012 with no resolve, and found numerous postings of people having this issue but some stating they managed to get it working. Their solution didn't work for us.

Additional settings I've tried on local security policy (gpedit.msc)
Restrict anonymous access to named pipes disable
allow anonymous access to named pipes (added our share name to the list)
allow anonymous access to shares (added out share name to the list)

We've restarted the server after each security change.

I know the remote client is coming in as guest by watching the connection using the ShareWatch utility.  The client is either WindowsXP, Win7, or Win8, all of them can now connect to the server and see shares, but opening the share in question give an error that the client does not have permission.

Server: Server 2012 R2 Standard
Tested clients (all non-domain joined): Win7, Win8.1, Server 2003, Server 2012R2

It's strange as Server 2008R2 works and I can't find anything has been changed to 2012.  I even installed the File Services role that gives the Server manager wizard for creating shares and settings quotas etc. I went through it's steps and did everything for a guest share, same issue.
0
Comment
Question by:MemxIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
7 Comments
 
LVL 44

Expert Comment

by:Jackie Man
ID: 39902146
Antivirus or third party firewall installed?
0
 

Author Comment

by:MemxIT
ID: 39902231
Currently no. Firewall is set to off, Antivirus has not been deployed yet.  Server and test client are in same subnet, client can browse to server and see list of shares.  When opening share the error persists.  No messages stand out in Event Viewer on Server or client.
0
 
LVL 2

Expert Comment

by:Rob Jurd (eenookami)
ID: 39947167
MemxIT,

A message has been sent to some additional experts asking them to review your question. We will check back again to see if you are getting the help you need.

Please do not respond to this comment; we will be monitoring your question for activity from the Experts.

Thank you for using Experts Exchange,
eenookami
Community Support Moderator
http://www.experts-exchange.com/R_28863.html
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 

Author Comment

by:MemxIT
ID: 39947622
I have solved this problem 2 days ago and it was caused by a scenario i failed to mention in my initial post. I will post the solution later today when I have access to a computer.
0
 

Accepted Solution

by:
MemxIT earned 0 total points
ID: 39983338
The solution:
http://www.briantist.com/errors/server-2012-vmware-esxi-permissions-errors-removable-storage-auditing/

I failed to mention this was in an ESXi 5.5 Environment.  The issue is related to devices being reported to the OS as supporting hot plug. Server 2012 has a new 'feature' called Audit Object Access that blocked hot plug/removable devices from being accessed remotely.

Summary:
gpedit.msc
Enabled Guest Account
Allow everyone permissions to apply to anonymous

Share folder with permissions set for everyone

Run the following from an elevated command line:
auditpol /set /subcategory:"Removable Storage" /failure:disable
0
 

Author Closing Comment

by:MemxIT
ID: 39995819
I found the solution on my own.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
While working, an annoying popup showing below will come and we cannot cancel or close it form the screen. The error message will come again and again.
This Micro Tutorial will teach you how to change your appearance and customize your Windows 7 interface to your unique preference. This will be demonstrated using Windows 7 operating system.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question