C
Carlos
I'm having a problem which no ones seems to resolve. I've been in few forums
and no luck. Thus, I hope this forum to be my last one...
it is simple... I have a 2003 Ent. SP2 box (let's call it MYBOX) which is a
member in a 2003 AD domain. I have a folder which I am sharing on this member
server and I want users, coming from different subnets and with PCs not
joined to the AD domain where MYBOX, to be able to get into the shares
without being prompted for username and password.
How can I accomplish this?
These are the thing I've already tried:
under Configuration >Windows Settings >Security Settings >Local Policies
-enabled the share and allowed Everyone full permissions
-under the share security, allowed ANONYMOUYS LOGON and Everyone full control
-under the AD controllers of the domain where MYBOX sits, created an OU,
placed MYBOX into this OU and created a GPO with the following:
--Enabled Guest account
--Enabled Network Access: Allow anonymous SID/Name translation
--Disabled Network Access: Do not allow anonymous enumeration of SAM accounts
--Disabled Network Access: Do not allow anonymous enumeration of SAM
accounts and shares
--Enabled Network Access: Let everyone permissions apply to anonymous users
--Disabled Network Access: Restrict anonymous access to Named Pipes and Shares
--added under Network Access: Shares that can be accessed anonymously, I
added the name of the share
--changed Network Access: Sharing and security model for local accounts to
Guest only - local users authenticate as Guest
Under Configuration >Windows Settings >Security Settings >Local Policies
I modified the Access this computer from the network setting to add the
ANONYMOUS LOGON
This GPO has been successfully applied to the OU and MYBOX has successfully
received it. I checked this by running rsop.msc on MYBOX
But nothing I do seems to stop this prompting. Can you please help?
and no luck. Thus, I hope this forum to be my last one...
it is simple... I have a 2003 Ent. SP2 box (let's call it MYBOX) which is a
member in a 2003 AD domain. I have a folder which I am sharing on this member
server and I want users, coming from different subnets and with PCs not
joined to the AD domain where MYBOX, to be able to get into the shares
without being prompted for username and password.
How can I accomplish this?
These are the thing I've already tried:
under Configuration >Windows Settings >Security Settings >Local Policies
Security Options:
-enabled the share and allowed Everyone full permissions
-under the share security, allowed ANONYMOUYS LOGON and Everyone full control
-under the AD controllers of the domain where MYBOX sits, created an OU,
placed MYBOX into this OU and created a GPO with the following:
--Enabled Guest account
--Enabled Network Access: Allow anonymous SID/Name translation
--Disabled Network Access: Do not allow anonymous enumeration of SAM accounts
--Disabled Network Access: Do not allow anonymous enumeration of SAM
accounts and shares
--Enabled Network Access: Let everyone permissions apply to anonymous users
--Disabled Network Access: Restrict anonymous access to Named Pipes and Shares
--added under Network Access: Shares that can be accessed anonymously, I
added the name of the share
--changed Network Access: Sharing and security model for local accounts to
Guest only - local users authenticate as Guest
Under Configuration >Windows Settings >Security Settings >Local Policies
User Rights Assignment,
I modified the Access this computer from the network setting to add the
ANONYMOUS LOGON
This GPO has been successfully applied to the OU and MYBOX has successfully
received it. I checked this by running rsop.msc on MYBOX
But nothing I do seems to stop this prompting. Can you please help?