NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
ReadyNAS 526X allowing Windows 11 unauthorized SMB access
I have a ReadyNAS 526X running 6.10.7 and I just recently discovered that any Windows 11 computer can just type in \\NAS-IP-ADDRESS in Windows Explorer and have full unauthorized access. At first I t...
Just to update this, I just tried an older Windows 10 Pro laptop and it allows full access to SMB as well without logging in, so it's not just limited to Windows 11 I guess.
I retried the newer Windows 10 laptop I had previously tested and still asks for user/pass authentication as expected. Very strange.
Nothing? No one else having this issue?
I don't see any behavior on any of my NAS where unauthorized users can gain access. Your situation sounds like "everyone" access is still permitted, though perhaps it's not properly shown in the GUI.
Your issue with users being "locked out" sounds a lot like something I discovered changed in Windows 10 several months ago (though I forget which update). When you log into the NAS from Windows, Windows tries to log on using your Windows credentials. If those match a NAS user, all is well. If the user name doesn't match a user name on the NAS, then it prompts for a user name and password. But if the user name matches, but the password doesn't, then it doesn't prompt you. And it will never prompt you again until you re-boot. "Everyone" access doesn't change this. That lack of prompting is what changed -- it used to prompt you in this case as well. You aren't really "locked out" by the NAS, but you might as well be because you are not given another opportunity by Windows to enter credentials. Note that this is a Windows issue (and how it works with Linux SAMBA), and you can find people reporting it in forums not associated with the ReadyNAS. Oddly, it doesn't seem to affect everyone, but nobody seems to have figured out what's different when it does.
Since I don't want my NAS password to be stored in the Windows credential manager and changing my user name on my PCs or NAS would be a PITA, I now have a batch file on my desktop that uses the net use command, which still does prompt for a name and password:
net use * /delete net use M: \\192.168.0.30\Music /persistent:no net use N: \\192.168.0.30\Documents /persistent:no net use O: \\192.168.0.30\Other /persistent:no net use V: \\192.168.0.30\Videos /persistent:noNote that if you make them persistent, then Windows will have the same issue on the next boot, and you'll appear to be "locked out" because it will not ask you for a user name and password again. It's a work-around, not a solution, because I gave up on finding a real solution.
Just want to add that you can specify the username in the net use command ( /user:username). Nothing is stored in the credential manager, so security isn't really affected.
You can also include the password, but of course that would be in clear text if you put it in a batch file. It'd be safer to store it as a credential (as it would be encrypted).
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
