Does Windows 2016 Server block non-domain computers accessing shared folders?

Does Windows 2016 Server block non-domain computers from accessing shared folders by default or is additional configuration required?
Gavin75Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Cliff GaliherCommented:
Neither a domain nor domain joined clients are required.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
timgreen7077Exchange EngineerCommented:
Yes they are blocked by default. it doesn't matter if they are domains joined or not. you must be granted permissions to access shared folders.
Gavin75Author Commented:
Hi, there seems to be a bit of a misunderstanding: I understand that access to files and folders can be controlled at a User level but what I don't want are Users connecting computers to the network, which are not joined to the domain and being able to access shared folders using their Domain login credentials. I realise there are various ways to control access to the network at a layer 2 level using switches etc. but I am interested in how Windows 2016 Server reacts to non-domain computers trying to access domain resources, in particular, shared folders. Thanks for your input.
The 7 Worst Nightmares of a Sysadmin

Fear not! To defend your business’ IT systems we’re going to shine a light on the seven most sinister terrors that haunt sysadmins. That way you can be sure there’s nothing in your stack waiting to go bump in the night.

LearnctxEngineerCommented:
Hi, there seems to be a bit of a misunderstanding: I understand that access to files and folders can be controlled at a User level but what I don't want are Users connecting computers to the network, which are not joined to the domain and being able to access shared folders using their Domain login credentials.

Wow, yeah I'll bet there is a bit of a misunderstanding because you've asked a completely different question :) If you're looking after a Windows server solution I would try looking at Dynamic Access Control (DAC) and setting up an access rule that requires a user and device claim for access. This will require a client OS of Windows 8 or higher to support device claims. Otherwise you're going to need to look at a network solution.
Gavin75Author Commented:
It was definitely the same question, just elaborated on but I appreciate your input. I’ll have a closer look at your suggestion and the related GPO settings. Thanks
Seth SimmonsSr. Systems AdministratorCommented:
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

Accept: Cliff Galiher (https:#a42473474)

If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

seth2740
Experts-Exchange Cleanup Volunteer
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2016

From novice to tech pro — start learning today.