Windows XP won't allow drive share

Regular drive shares. If you are using a user account with a blank password, then file sharing has been disabled, this is a safety feature or so I'm told (if you have a blank password how safe can it be?)

You try to connect to C$ with the admin user/password combination and XP refuses to let you in giving you a password error.

With XP Pro in a WORKGROUP the default setting for Network access is to redirect it through guest account. There is a new policy active in the “Local Security Settings“ – “Local
Policies” – “Security Options”

"Network Access: Force network logons using local accounts to authenticate as Guest" "Enabled"

if you set it to "disabled" share connections should work as you knew it for Win2000 clients.



For XP personal try this:

1. At the Run command, type Regedit and click Enter.
2. Navigate to HKLM\System\CurrentControlSet\Control\LSA.
3. Select the ForceGuest registry value. Set ForceGuest=0 (Disabled).
4. Exit Regedit.

You do not need to reboot in order for this registry change to take effect.

More information below, this is the reasoning behind the change.

Managing Network Logons
----------------------------------------
An increasing number of WinXP Professional systems are connected directly to the Internet rather than to domains. This makes proper management of access control (including strong passwords and permissions associated with different accounts) more critical than ever. To ensure security, the relatively anonymous access control settings commonly associated with open Internet environments need to be curtailed.

As a result, the default in WinXP Pro requires all network connections that utilize the Network special identity to use the Guest account. This change is designed to prevent hackers attempting to access a system across the Internet from logging on using a local Administrator account. If you choose to override this default behavior, you need to make two key decisions:

1. Whether to allow network logons to access your system. You can
accomplish this goal by enabling the Guest account.

2. Whether to allow network logons greater permissions than are associated with the Guest account. You can accomplish this by disabling the registry key that forces network logons to use the Guest account (ForceGuest).

If you choose to allow one or both of these options, you must implement these changes along with your overall authentication and access control strategies, to ensure that outside users have only as much or as little access to the local system as you find to be appropriate. Regardless of which option you choose, the link between the Network logon special identity and the Guest account does not affect the following:

* Interactive logons. This includes remote access using Terminal Server or Telnet, for example, which are essentially "remote" instances of interactive logon sessions.

* Network logons using domain accounts.

* Outbound connections. The access control settings of the computer you are attempting to access govern outbound connections.

* Upgraded systems. Configuration settings that were in effect before the upgrade will remain in effect.

* Most server-based applications. Server applications that use non-domain accounts to access workstations (which are extremely rare and not recommended) are the only applications that could be affected.

To ensure that remote administration of domain-based computers running WinXP Professional is possible, you must include a domain-based account in the local administrators group. You can use the Group Policy snap-in to disable the registry setting that force Network logons to use the Guest account:

"Network Access: Force network logons using local accounts to authenticate
as Guest"

To allow network logons using non-Guest accounts

1. Open the Group Policy snap-in in the Microsoft Management Console and navigate to the Security Settings container:

Local Computer Policy\ Computer Configuration\ Windows Settings\ Security Settings\Local Policies\Security Options.

2. In the right-hand pane, select the policy "Network access: Force network logons using local accounts to authenticate as Guest", and right-click. Select Properties.

3. Select Disabled and Click OK.

4. Exit the Group Policy snap-in.