SMB Guest Share Access

After Upgrading to Windows 10 1709 (Fall Creators Update) you may not be able to connect to network shares or your NAS with the guest account.  Windows 10 1709 onwards (including Server 2016 and Server 2019) Cannot Access SMB2 Shares via the Guest account.  The following error may be shown:

An error occurred while reconnecting X: to Share
Microsoft Windows Network: You can’t access this shared folder because your organization’s security policies block unauthenticated guest access. These policies help protect your PC from unsafe or malicious devices on the network.


Starting with Windows 10 1709, Windows prevents you from accessing network shares with guest access enabled. Guest access means connecting to network shares without authentication, using the built-in “guest” account.

This has no reference to the SMB1 protocol which was disabled in the latest Windows 10 release and all new Server installs from 2016.


To enable guest access again, configure the following GPO:

Computer configuration > administrative templates > network > Lanman Workstation: "Enable insecure guest logons" = Enabled


Registry Key

The corresponding registry key is located under:



You can also download the reg file to simply click and set the registry key from here: AllowInsecureGuestAuth

MDM Policy

There is also an MDM Policy available, starting with Windows 10 1803:

About guest access

Guest access is often used to access data stored on Network Attached Storage, e.g. on a Synology NAS. Every user from any device has access to these shares. Generally it’s never recommended to use guest access because it’s a huge security risk. Within the time of ransomware, encrypting whole drives it’s definitely not a good idea. I strongly recommend to use LDAP Support to authenticate against your NAS.