Windows 2016: Remote UNC with Local User
Author: jason
Date: 2019-05-03 10:21:26
Category: Technical

I ran into a problem the other day with a couple Windows 2016 servers that were in a Workgroup (not a Domain) and trying to go to their Shares via UNC... I couldn't, unless I used the main Administrator account. Even though my local user was on both servers with the same name and same password, they wouldn't let me get to C$ or servershare or anything...

Turns out, that has been like that for a while. It's a security thing... So add the following registry key on both servers (if you are going back and forth to the shares). I don't think I had to reboot or anything...

Code

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem

Name = LocalAccountTokenFilterPolicy
DWORD = 1


https://support.microsoft.com/en-us/help/951016/description-of-user-account-control-and-remote-restrictions-in-windows

https://www.harmj0y.net/blog/redteaming/pass-the-hash-is-dead-long-live-localaccounttokenfilterpolicy/

https://support.microsoft.com/en-us/help/942817/how-to-change-the-remote-uac-localaccounttokenfilterpolicy-registry-se



jason @ jasonthomasfrance.com - www.masterstationlog.com - copyright 2009