Policy
Audit insecure guest logon
This policy controls whether the SMB server will enable the audit event when the client is logged on as guest account. If you enable this policy setting, the SMB server will log the event when the client is logged on as guest account. If you disable or do not configure this policy setting, the SMB server will not log the event.
PackMicrosoft Windows
CategoryNetwork / Lanman Server
Policy ID
bc7fa5b6fb49Internal name
Pol_AuditInsecureGuestLogonRegistry
Copy registry mappings
HKLM\Software\Policies\Microsoft\Windows\LanmanServer\AuditInsecureGuestLogon (enabled) = 1
HKLM\Software\Policies\Microsoft\Windows\LanmanServer\AuditInsecureGuestLogon (disabled) = 0Policy notes
This policy controls whether the SMB server will enable the audit event when the client is logged on as guest account. If you enable this policy setting, the SMB server will log the event when the client is logged on as guest account. If you disable or do not configure this policy setting, the SMB server will not log the event.