Policy

Audit insecure guest logon

This policy controls whether the SMB client will enable the audit event when the client is logged on as guest account. If you enable this policy setting, the SMB client will log the event when the client is logged on as guest account. If you disable or do not configure this policy setting, the SMB client will not log the event.

Policy
Pack Microsoft Windows
Category Network / Lanman Workstation
Policy ID 3d7a9bb985f1
Internal name Pol_AuditInsecureGuestLogon

Registry

Copy registry mappings

HKLM\Software\Policies\Microsoft\Windows\LanmanWorkstation\AuditInsecureGuestLogon (enabled) = 1
HKLM\Software\Policies\Microsoft\Windows\LanmanWorkstation\AuditInsecureGuestLogon (disabled) = 0

Policy notes

This policy controls whether the SMB client will enable the audit event when the client is logged on as guest account. If you enable this policy setting, the SMB client will log the event when the client is logged on as guest account. If you disable or do not configure this policy setting, the SMB client will not log the event.

Related policies

Alternative Port MappingsAudit server does not support encryptionAudit server does not support signingBlock NTLM (LM, NTLM, NTLMv2)Block NTLM Server Exception ListCipher suite orderDisable SMB compression