Windows OS Hub
  • Windows Server
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    • Windows Server 2012 R2
    • Windows Server 2008 R2
    • SCCM
  • Active Directory
    • Active Directory Domain Services (AD DS)
    • Group Policies
  • Windows Clients
    • Windows 11
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows XP
    • MS Office
    • Outlook
  • Virtualization
    • VMWare
    • Hyper-V
    • KVM
  • PowerShell
  • Exchange
  • Cloud
    • Azure
    • Microsoft 365
    • Office 365
  • Linux
    • CentOS
    • RHEL
    • Ubuntu
  • Home
  • About

Windows OS Hub

  • Windows Server
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    • Windows Server 2012 R2
    • Windows Server 2008 R2
    • SCCM
  • Active Directory
    • Active Directory Domain Services (AD DS)
    • Group Policies
  • Windows Clients
    • Windows 11
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows XP
    • MS Office
    • Outlook
  • Virtualization
    • VMWare
    • Hyper-V
    • KVM
  • PowerShell
  • Exchange
  • Cloud
    • Azure
    • Microsoft 365
    • Office 365
  • Linux
    • CentOS
    • RHEL
    • Ubuntu

 Windows OS Hub / Windows 10 / Anonymous File and Printer Sharing Without Password in Windows 10 / Server 2016

October 24, 2019 Windows 10Windows Server 2016

Anonymous File and Printer Sharing Without Password in Windows 10 / Server 2016

By default, when a user tries to access a network shared folder on a server joined to the Active Directory domain from a workgroup computer, the prompt to enter a domain account credentials appears. Let’s consider how to enable unauthenticated (anonymous) access to a shared folders or printers on a domain server from workgroup computers in Windows 10 / Windows Server 2016.

input cerdentials to access shared folder on windows

From the security point of view, it is not recommended to enable anonymous network access for a guest account. Moreover you should never do it on the AD Domain Controllers. So prior to enabling anonymous access, try to use the more correct way – join workgroup computer to your domain or create domain accounts for all users in a workgroup.

Contents:
  • Local Anonymous Access Group Policies
  • Allow Anonymous Access to a Shared Folder on Windows
  • How to Enable Anonymous Access to a Shared Printer?

Local Anonymous Access Group Policies

Open the Local Group Policy Editor (gpedit.msc) on a server/computer, which you want to enable anonymous access to.

Go to the following GPO section: Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options. Configure the following policies:

  • Accounts: Guest Account Status: Enabled
  • Network access: Let Everyone permissions apply to anonymous users: Enabled
  • Network access: Do not allow anonymous enumeration of SAM accounts and shares: Disabled

group policy settings to allow anonymous access to a network shared folder on windows 10 / server 2016

For a security reasons, make sure that the Guest account is specified in the Deny log on locally policy under the Local Policies -> User Rights Assignment.

Then make sure that Guest is also specified in the Access this computer from network policy in the same section, and the Deny access to this computer from the network policy should not have Guest as the value.

Also make sure that network folder sharing is enabled in Windows ( Settings  -> Network & Internet  -> Ethernet -> Change advanced sharing options). In All Networks section, select the options Turn on sharing so anyone with network access can read and write files in the Public folders and Turn off password protected sharing if you trust all devices in your network (refer the article “Can’t see computers on my network”.)
windows 10 / 2016 - turn on sharing so anyone with network access can read and write files in the Public folders

Allow Anonymous Access to a Shared Folder on Windows

Then you have to configure permissions to access the network folder you want to share. Open the folder properties, got to the Security tab and check current folder NTFS permissions. Press Edit -> and assign Read permissions (and Modify if needed) to Everyone local group. To do it, click Edit -> Add -> Everyone and select the folder access privileges for anonymous users. I have granted read-only permissions.

allow guests (everyone) to access shared folder on windows 10

In the Sharing tab, allow anonymous users to access the shared folder (Share -> Advanced Setting -> Permissions). Make sure that Everyone group has Change and Read permissions.

averyuone shared folder permissions

In the Local Policies -> Security Options section of the Local Group Policy Editor enable the policy Network access: Shares that can be accessed anonymous. Here you must specify the shared folder names you want to enable anonymous access to (in my example, it is Share1, Distr and Docs folders).

group policy: Network access: Shares that can be accessed anonymous

How to Enable Anonymous Access to a Shared Printer?

To enable anonymous access to a shared printer on your computer, open the shared printer properties in theControl Panel -> Hardware and Sound -> Devices and Printers. Check the options Render print jobs on client computers on the Sharing tab.

enable the option "Render print jobs on client computers " on the shared printer

Then check all permissions for Everyone group on the printer Security tab.

printer permissions - allow everyone (guest) to print on a shared printer

After that you will be able to connect to your shared folder (\\server-name\sharedfolder) and printer on a domain computer/server from workgroup computers without entering your credentials, i. e. anonymously.

In Windows 10 1709 or newer network access to a shared folder over the SMBv2 protocol under the guest account is restricted by default and you can see the following error: ‘You can’t access this shared folder because your organization’s security policies block unauthenticated guest access’. See this article.

9 comments
2
Facebook Twitter Google + Pinterest
previous post
Active Directory Dynamic User Groups with PowerShell
next post
Error Code: 0x80070035 “The Network Path was not found” after Windows 10 Update

Related Reading

Configuring Event Viewer Log Size on Windows

May 24, 2023

How to Detect Who Changed the File/Folder NTFS...

May 24, 2023

Enable Single Sign-On (SSO) Authentication on RDS Windows...

May 23, 2023

Allow Non-admin Users RDP Access to Windows Server

May 22, 2023

How to Create, Change, and Remove Local Users...

May 17, 2023

Categories

  • Active Directory
  • Group Policies
  • Exchange Server
  • Microsoft 365
  • Azure
  • Windows 11
  • Windows 10
  • Windows Server 2022
  • Windows Server 2019
  • Windows Server 2016
  • PowerShell
  • VMWare
  • Hyper-V
  • Linux
  • MS Office

Recent Posts

  • Configuring Event Viewer Log Size on Windows

    May 24, 2023
  • How to Detect Who Changed the File/Folder NTFS Permissions on Windows?

    May 24, 2023
  • Enable Single Sign-On (SSO) Authentication on RDS Windows Server

    May 23, 2023
  • Allow Non-admin Users RDP Access to Windows Server

    May 22, 2023
  • How to Create, Change, and Remove Local Users or Groups with PowerShell?

    May 17, 2023
  • Fix: BSOD Error 0x0000007B (INACCESSABLE_BOOT_DEVICE) on Windows

    May 16, 2023
  • View Success and Failed Local Logon Attempts on Windows

    May 2, 2023
  • Fix: “Something Went Wrong” Error When Installing Teams

    May 2, 2023
  • Querying Windows Event Logs with PowerShell

    May 2, 2023
  • Configure Windows LAPS (Local Administrator Passwords Solution) in AD

    April 25, 2023

Follow us

  • Facebook
  • Twitter
  • RSS
Popular Posts
  • Booting Windows 7 / 10 from GPT Disk on BIOS (non-UEFI) systems
  • Error Code: 0x80070035 “The Network Path was not found” after Windows 10 Update
  • Removable USB Flash Drive as Local HDD in Windows 10 / 7
  • How to increase KMS current count (count is insufficient)
  • How to Disable UAC Prompt for Specific Applications in Windows 10?
  • How to Create a UEFI Bootable USB Drive to Install Windows 10 or 7?
  • Configuring L2TP/IPSec VPN Connection Behind a NAT, VPN Error Code 809
Footer Logo

@2014 - 2023 - Windows OS Hub. All about operating systems for sysadmins


Back To Top