On a computer installed in Windows XP, even if the network connection and sharing settings are correct (such as the IP address belonging to the same subnet, NetBIOS on TCP / IP is enabled,
The firewall software does not prohibit the 135, 137, 138, 139 ports required for file sharing, and users who use other systems (including Windows 9x / ME / 2000 / XP, etc.) are still unable to access the computer. How should we solve this problem?
By default, Windows XP's local security settings require all users to access all guests. At the same time, the user rights assignment in the Windows XP Security Policy is prohibited from accessing the system through the network. Those two mutually contradictive security strategies have led to other users within the network to access the Windows XP's computer through the network. You can solve the following methods.
Method 1: Limit the guest account
Click "Start → Run", enter "GPEDIT.MSC" in the "Run" dialog, open the Group Policy Editor, and select Computer Configuration → Windows Settings → Security Settings → Local Policy → User Rights Assignment ", double click "Reject to access this computer" policy from the network, delete the "Guest" account inside. This other users can use the guest account to access the computer using the Windows XP system over the network.
Method 2: Change the network access mode
Open the Group Policy Editor, select Computer Configuration → Windows Settings → Security Settings → Local Policy → Security Options ", double-click Network Access: Local Account Sharing and Security Mode" Policy, will set the default setting "Only guest - local Users have passed the guest authentication ", change to" Classic: Local users verify their own authentication. "
Now, when other users access the computer using Windows XP via the network, they can log in with their own "identity" (provided that this account in Windows XP is correct).
When the strategy changes, the file sharing method has changed, and after the "Classic: Local User is verified by its own authentication", we can limit the number of users who simultaneously access the shared file and can target different users. Set different access rights.
However, we may also encounter another problem. When the user's password is empty, the access will still be rejected. It turns out that there is an "account: the local account using the blank password" policy is allowed to enable it by default, and the user who refuses the priority in the Windows XP security policy, the password is empty by network access It is disabled when using Windows XP. We will solve the problem as long as we stop this strategy.
