Network access: Sharing and security model for local accounts

Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options


Determines how network logons that use local accounts are authenticated. If this setting is set to Classic, network logons that use local account credentials authenticate by using those credentials. If this setting is set to Guest only, network logons that use local accounts are automatically mapped to the Guest account. The Classic model allows fine control over access to resources. By using the Classic model, you can grant different types of access to different users for the same resource. Using the Guest only model, all users are treated equally. All users authenticate as Guest, and they all receive the same level of access to a given resource, which can be either Read Only or Modify.

There are two models available:

Classic: local users authenticate as themselves.

Guest only: local users authenticate as Guest.

Default: Guest only on Windows XP Professional.



This setting does not affect network logons that use domain accounts.

This setting does not affect interactive logons that are performed remotely by using services such as Telnet or Terminal Services.

When the computer is not joined to a domain, this setting also tailors the Sharing and Security tabs in Windows Explorer to correspond to the sharing and security model that is being used.


With the Guest only model, any user who can access your computer over the network (including anonymous Internet users) can access your shared resources. You must protect your computer from unauthorized access by using the Internet Connection Firewall (ICF) or other similar device. Similarly, with the Classic model, local accounts must be be password protected; otherwise, those user accounts can be used by anyone to access shared system resources.

This policy does not apply on Windows 2000 computers.

For more information, see:

Security Configuration Manager Tools

© 2017 Microsoft Corporation. All rights reserved. Contact Us |Terms of Use |Trademarks |Privacy & Cookies