Domain-joined servers cannot access non-domain file shares

I ran into this when I was setting up a test domain at home. A domain controller and domain server was unable to connect to my file server that was not on the domain. Trying to access the file share via either an ip address or UNC share gave the error message “Windows cannot access [sharename]”

If you press ctrl and R (for RUN) and then put the IP/file share name in, and press enter, you’ll get an error messages “You can’t access this shared folder because your organization’s security policies block unauthenticated guest access. These polices help to protect you PC from unsafe or malicious devices on the network”

You’ll need to allow domain machines to access insecure logins. This can be done via opening gpedit.msc and then Computer Configuration > Administrative Templates > Network > Lanman Workstation > Enable insecure guest logons and enable. This setting can be rolled out over a domain, or done on a per-machine basis, but I wouldn’t really reccomend doing this on a non-lab setup.

Leave a Reply

Your email address will not be published. Required fields are marked *