Server 2008 R2 cannot access over netwrok

I have a Windows Server 2008 R2 machine that is not connected to the domain for security reasons, but we did setup a shared folder to be accessed by the two lead technicians on site.

All the basic stuff has been done. We are not using a blank password, file sharing with passwords has been turned on (i do not want to enable blank passwords for security purposes), it doesn't work if I use IP address. I am 1000% sure the password I am entering is accurate. I have even entered the password as both: username and as "servername\username"

I created a new local user on that machine with a new password. Same result. If I actually enter a bad username or password, I get a different error code than below. I believe it said 6d instead of 6e....

I feel like I have checked and recheck NTLM settings in GPedit over and over again. It is set to accept NTLM but also v2 if negotiated. No matter what I do
SERVER is not accessible, You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.

Logon failure: user account restriction. Possible reasons are blank passwords not allowed, logon hour restrictions, or a policy restriction has been enforced.

On the server where I am trying to access, the security log has this:
An account failed to log on.

	Security ID:		NULL SID
	Account Name:		-
	Account Domain:		-
	Logon ID:		0x0

Logon Type:			3

Account For Which Logon Failed:
	Security ID:		NULL SID
	Account Name:		administrator
	Account Domain:		bethanyhv

Failure Information:
	Failure Reason:		Unknown user name or bad password.
	Status:			0xc000006e
	Sub Status:		0xc000006e

Process Information:
	Caller Process ID:	0x0
	Caller Process Name:	-

Network Information:
	Workstation Name:	SERVERNAME
	Source Network Address:
	Source Port:		64586

Detailed Authentication Information:
	Logon Process:		NtLmSsp 
	Authentication Package:	NTLM
	Transited Services:	-
	Package Name (NTLM only):	-
	Key Length:		0

This event is generated when a logon request fails. It is generated on the computer where access was attempted.

The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).

The Process Information fields indicate which account and process on the system requested the logon.

The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
	- Transited services indicate which intermediate services have participated in this logon request.
	- Package name indicates which sub-protocol was used among the NTLM protocols.
	- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.

Open in new window

If someone can help identify what I should check to get permissions to browse shared resources on this machine I would be very grateful. I've been beating my head against a virtual wall for days now.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

can you access any other resources with these user credentials or is it just this particular one that is inaccessible?

eg browse to '\\servername\c$' to see if you can see the admin share
'\\servername' for access to all shares & printers etc.
fecklessnessAuthor Commented:
no, it is the same results when accessing specific shares. no matter what you try to access on that server, you get the same result as described above.
Davis McCarnOwnerCommented:
Since it is not joined to the domain, the age old trick is to make its workgroup name match the domain name.
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

What about the other way around?  Can this server access shares on the domain, with the appropriate credentials?

The firewall isn't getting in the way, is it?
fecklessnessAuthor Commented:
No, I have tried turning off firewall. And yes we can access shares on the domain.
Under 'Network and Sharing Center', what type of network did you select?  If it's set to 'Public', change it to 'Work'.
fecklessnessAuthor Commented:
It is currently set for 'Work'.
the error does appear to be specific to credentials. have you tried creating a new user and seeing if that works?
Reset the password to see if it helps?
Check the password isn't 'expired'?
fecklessnessAuthor Commented:
I tried that  -  "I created a new local user on that machine with a new password. Same result. If I actually enter a bad username or password, I get a different error code than below. I believe it said 6d instead of 6e...."
Davis McCarnOwnerCommented:
Did you change the workgroup name to match the domain?
fecklessnessAuthor Commented:
Yes. This had no positive effect.

Here's where I am at so far. I have access but I had to enable the guest account...

Go to gpedit.msc, Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options

Set Guest Account Status: Enabled

Set Network access: Sharing and security model for local accounts to Classic (already was this but I checked to confirm)

Check Access remotely, it works using "servername\username" and password

Set Guest Account Status to disabled and access is denied again. So it only works if I enable guest, even though I am apparently using the classic form of authentication which requires username/password.
Are you attempting to RDP into the server?  If so, is Remote Desktop enabled (it is disabled by default)?  Set Remote Desktop to allow connections for computers running any version of RDP.
fecklessnessAuthor Commented:
no RDP, just trying to access shares
Davis McCarnOwnerCommented:
What happens if you create an AD user account that exactly matches one on this server and try using it from a workstation?
fecklessnessAuthor Commented:
Steps taken:
- GPEDIT, disabled Guest Account
- create matching user in AD
- try using credentials again to access non-domain fileserver

Are you attempting to access the share via IP or server name?  If the latter, is there a DNS entry?

Try remapping the shares and give everyone access.  If that works, just enable the specific users and then delete the everyone access.

Double check your anti-virus and firewall.  Maybe they are doing some overtime protecting you?
Davis McCarnOwnerCommented:
"Steps taken:
 - GPEDIT, disabled Guest Account
 - create matching user in AD
 - try using credentials again to access non-domain fileserver"

You left out #3, login to workstation with same credentials before " - try using credentials again to access non-domain fileserver"
One more thing: on the NIC, is file and printer sharing enabled?
is there any chance that you or anyone else has amended local group policy on this server in the past? should work by default, but there are many settings in local group policy that could cause this.

try running gpresult /h result.html and looking at the results for any security/access settings.
fecklessnessAuthor Commented:
Good idea. We had amended some network access settings regarding NTLM previously but we did reset those settings. Running GPRESULT doesn't indicate any of those settings being applied now though. The only real rule I see being applied is allowing RDP which has nothing to do with my problem....

Yes File & Printer sharing is enabled.

@DavidMcCarn completed steps as described, logging in with same credentials and accessing the non-domain server. No positive effect.
I will start my recommendation saying that you should bring the machine to basic installation (re-install).  Then create the accounts of the Tech people on the machine (notice I said machine) as administrators.  Create the share either using "Share an Storage Management" or properties using the file explorer.  Once you have finished and tested that users can access the shares then you can start playing around with the Group Policy.

Now, if the machine is out of the domain and only local users are going to have access to it, I find it redundant to play with GP if only administrators have access to it... unless you don't trust them!!!! ;)
fecklessnessAuthor Commented:
None of this worked, we have resorted to enabling the Guest user, even though we are using a username and password to access the shared folders this is the only way it works. I have renamed the Guest user so at least it is much harder for someone to hack that I hope!. Thanks for all the suggestions, I wish one of them worked out.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Seth SimmonsSr. Systems AdministratorCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.