Hi all,

I had a strange little quirk the other day, and I was wondering if
someone could help clear it up for me (it's not a problem, I'd just
like to understand how it's working!).

We had someone from outside our domain come into our company, and
needed access to a client PC on the network. Let's call the guy from
outside Mr X. Mr X. had a laptop and was obviously logging on to the
laptop with a username and password. To try to give him the access to
the client PC he required, we recreated his username/password in AD.
When he tried to access the client machine (with \\<computername>), he
got an error which said the logon "type" was denied. After much
searching, we found out the Guest account on the client PC he was
trying to access was enabled, and when we *disabled* it, it gave him
access. It's as though his laptop was trying to logon with the Guest
credentials before using it's username/password, but some security
setting was in effect which was stopping the Guest account from logging
on.

The question is - any ideas where this Guest account setting would be,
that would stop the Guest account credentials being used, even if the
Guest account was enabled on the client machine??? I assumed it would
be somewhere in Domain Security/Group Policy (under local security
settings), but I can't find it anywhere!!!

I'd quite like to get to the bottom of this, so any help would be
appreciated.

TIA,
DSt.