Google

Thursday, October 25, 2007

policy setting using gpedit.msc to enable Anonymous access and permission settings!!!

MS has disabled Anonymous access in this version of Windows. Anonymous access was allowed in Windows NT and 2000. You need to set policy setting using gpedit.msc to enable thia access on server or domain controllers:
Go to gpedit.msc > Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options, In right pane edit the following policy setting:
Network access: Let Everyone permissions apply to anonymous users, and then click Properties.
On domain controllers you need to use *Domain Controllers Security Policy* snap-in to enable this access as long as Domain Controller computer account is in "Domain Controllers" OU.
Microsoft has modified share permissions in this version of Windows. The default permissions has been changed to give users only *Read* permission. If users are still unable to access share then modify permissions:
Allow Everyone : Full Control in Share permission.
then change NTFS permissions accordingly or add Everyone Group on Security tab for NTFS permissions.

Enable null session sharesWarning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.
To enable null session access, you must modify the registry on every cluster node: 1. Start Registry Editor (Regedt32.exe). 2. Locate the following key in the registry:HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters\NullSessionSharesNOTE: NullSessionShares is a REG_MULTI_SZ value.
3. On a new line in the NullSessionShares key, type the name of the share that you want to access with a null session (for example, public). 4. If the program uses named pipes and requires null session support, locate the following key in the registry: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters\NullSessionPipes NOTE: NullSessionPipes is a REG_MULTI_SZ value.
On a new line in the NullSessionPipes key, type the name of the pipe that you want to access with a null session. 5. Locate and click the following key in the registry:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA 6. On the Edit menu, click Add Value, and then add the following registry value: Value Name: RestrictAnonymousData Type: REG_DWORDValue: 0 7. Quit Registry Editor. 8. Restart the server.
Klick Run->write compmgmt.msc enter->find Local Users and Groups->klik Users -> find Guest then double clik->select chek box on Account is disabled
Then go to Local securty settings->Securty option ->Account: Guest Account status : Disabled

No comments: