I'd like to have a share on a Windows Server Domain Controller (2012 R2) with Mac software for folks on my company to install from. Not everyone who will have access to this share will have a domain account on Windows.
On the Windows Share I gave Read permissions to Anonymous, DOMAIN\Everyone and Guests. On the Folder, I gave read permissions to the same account.
From my Mac I go to Finder and try to access the server using
smb://[servername]/share
and I get an access denied.
On the Mac OS "Connect to Server" dialog, if I click on Browse the server does appear on the Network list, but if I double click the server I get "Connection Failed".
Either I want to fix this, or have an easy way for folks from the office to be able to easily grab software from a main share. Least desirable is to create domain accounts for everyone.
Best Answer
In order for Anonymous Macs to connect to Windows a local security policy needs to be changed. Run gpedit.msc. Open Local Computer Policy > Windows Settings > Security Settings > Security Options. Scroll down to find "Network access: Let Everyone permissions apply to anonymous users" and enable this setting. Run "gpupdate /force".
Your Macs should be able to connect as Guests.
I've also solved this by creating one user account in the domain like "Updates" and telling everyone the password. Then they can all log in as the "Updates" user and access any share you allow this domain user to access.