# Solved: You might not have permission to use this network resource



## Mossbrook

I have been struggling with this for a month and reading every internet search refference to "you may not have permission.."
so I had done all the suggestions
enable NetBios
disable simple file sharing on XP pro
All using same workgroup name
All with shared folders available.
I did not disable the firewall in SP2

After much effort and time wasted I have solved my XP pro workgroup problem so I have to get this out there. May not be the solution for everyone but seems a lot of people have done all the suggestions and are struggling with this quirk.

I first had discovered that although XP pro would not allow access through the workgroup,
(error: ...not accessible. You might not have permission to use this network resource ...) I could access the various workgroup computers by entering their IP in the address bar of a folder on XP pro. ie 
\\192.168.1.103 or whtever had been asigned by the router.

but the computer "\\name" would not work in the address bar. Even if I could call up the workgroup (sometimes possible), clicking on the computer name would not allow access.

I could not understand why XPpro would see the computer but not recognize its name as a valid workgroup computer.

Using Search/files and folders/computers on the network/computer name
The computer was found. s
Still, I could not get to it by clicking on the found link in search.

However, I made a shortcut of the found link on my dedsktop. Then clicking this desktop shortcut, I was taken to the computer.

I could then enter "\\computer name" in the address bar and go to the chosen computer.

Following this, clicking on the workgroup, now found the computer and allowed access.

Go figure..


May not be relevant but..
I did discover that the linksys DSL wireless router keeps track of what IP it has assigned to a given computer and always reasigns the same IP to that computer regardless of which computer logs on first. Unless you go to the list under Status, Local Network, DHCP list and delete the entry. The router apparently holds the number in reserve for 24 hours at which time if there has been no return logon, the number expires and becomes available for reassignment.


----------



## 5mi11er

So, you're saying the solution is to "find" the computer in question, then make a shortcut link to that computer on the desktop?


----------



## Mossbrook

I know it seems foolish. But once I did the shortcut, everything else began to work and I then deleted the shortcut.

I also have been reading at MS support that it can take up to 15 minutes for the computers in a workgroup to contact each other and settle down. Maybe part of my problem was not waiting for this to take place.

Anyway, for me, being able to reach other workgroup computers uing their IP was the beginning. Why could I do that but not use their names. Figured it must be a problem with the "Computer Browser" service built in that is supposed to keep track of these things.

BTW
All did not exactly go smooth after turning off the computers in the group for a while. Started getting the old error again when they came back on, but it resolved itself over a bit of time. Guess I'm still seeking to smooth this out.


Right now, everyine can see and access everyone..(knock on wood... if I can find any)

Mossbrook


----------



## DragonWiz

Here's what ya really need to do to fix the problem... Straight from the DragonWiz

1. Click Start, click Run, type regedit in the Open box, and then click OK.
2. Locate and then double-click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
3. In the right pane, double-click restrictanonymous.
4. Make sure that the value in the Value data box is set to 0, and then click OK.
5. Close Registry Editor.
6. Restart the computer.


----------



## s1ihome

as DragonWiz said, I located the subkey in Regedit, and I found the value of 'restrictanonymous' was 0, then I modified the value of another subkey im same location named 'limitblankpassworduse' and set it to 1, then I could access to this computer.

You can try this and have a good luck!


----------



## starc

Thanks DragonWiz, been trying to fix that problem for quite some time. Your method corrected it right away


----------



## tom94022

Been chasing this problem for a week. Following the instructions above, I was able to search for a computer on the network, make a shortcut and access the computer. Following the instructions above, I verified my registry settings are correct I still do not see any LAN devices in My Network Places and if I try to add them when I get to my local named network i get the no permission message Everything worked about two weeks ago, I figure it is either a Windows update or a Zone Alarm update (although I still fail with ZA disabled but not unloaded) Any other ideas would be appreciated Tom


----------



## borat

DragonWiz said:


> Here's what ya really need to do to fix the problem... Straight from the DragonWiz
> 
> 1. Click Start, click Run, type regedit in the Open box, and then click OK.
> 2. Locate and then double-click the following registry subkey:
> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
> 3. In the right pane, double-click restrictanonymous.
> 4. Make sure that the value in the Value data box is set to 0, and then click OK.
> 5. Close Registry Editor.
> 6. Restart the computer.


you are a prince among thieves:up:


----------



## icmpechome

Please be aware that using the restrictanonymous=0 setting will allow anonymous users to see network shares, users and security permissions. Do not do this on a domain! I know this is what you are trying to do for windows networking but think about just adding a user to the machine in question so that authentication can take place normally. That way just anyone who gets into your network can't access the server/workstation.
IE: If Joe with password 1234 wants access to a computer on the network, add Joe with pass 1234 to that machine, set his rights and what share he can access, printer rights, whatever. He can then access using the normal computer he's logged into.

icmpechome

From Technet:

RestrictAnonymous
Updated: March 28, 2003
*RestrictAnonymous*

HKLM\SYSTEM\CurrentControlSet\Control\Lsa 


Data type Range Default value REG_DWORD
0 | 1 | 2
0

*Description*

Restricts anonymous users from displaying lists of users and from viewing security permissions.


Value Meaning 0
Disabled. Anonymous users are not restricted.
1
Enabled. Users who log on anonymously (also known as _null session connections_) cannot display lists of domain user names, nor share names. Also, these users cannot view security permissions, and they cannot use all of the features of Windows Explorer, Local Users and Groups, and other programs that enumerate users or shares.
2
Anonymous users have no access without explicit anonymous permissions.
This entry does not exist in the registry by default. You can add it by using the registry editor Regedit.exe.
*Note*


 Do not set the value of this entry to 2 in mixed-mode environments. Only consider setting it to 2 in environments running only Windows Server 2003, and only after verifying that appropriate service levels and program function are maintained.
*Caution*
Pre-defined "High Secure" security templates set the value of this entry to 2. Use caution when using these templates.


----------



## borat

Does this apply for windows xp? 

i only want to allow people on my home network to see the shared files. How do i allow only those specific users?


----------



## icmpechome

I'm no great expert in home networking. However, if you don't allow anyone else to use your home network then noone else will have access to your shares no matter how you set up anonymous. If you want one person in your family to be able to access share1 and not access share2, then you'll want to use usernames and passwords on the specific shares that correspond to each person.


----------

