Policy

Audit insecure guest logon

This policy controls whether the SMB server will enable the audit event when the client is logged on as guest account. If you enable this policy setting, the SMB server will log the event when the client is logged on as guest account. If you disable or do not configure this policy setting, the SMB server will not log the event.

Policy
Pack Microsoft Windows
Category Network / Lanman Server
Policy ID bc7fa5b6fb49
Internal name Pol_AuditInsecureGuestLogon

Registry

Copy registry mappings

HKLM\Software\Policies\Microsoft\Windows\LanmanServer\AuditInsecureGuestLogon (enabled) = 1
HKLM\Software\Policies\Microsoft\Windows\LanmanServer\AuditInsecureGuestLogon (disabled) = 0

Policy notes

This policy controls whether the SMB server will enable the audit event when the client is logged on as guest account. If you enable this policy setting, the SMB server will log the event when the client is logged on as guest account. If you disable or do not configure this policy setting, the SMB server will not log the event.

Related policies

Audit client does not support encryptionAudit client does not support signingAudit SMB client SPN supportCipher suite orderDisable SMB compressionEnable authentication rate limiterEnable remote mailslots