Audit insecure guest logon - LanmanWorkstation

Information

This policy controls whether the SMB client will enable the audit event when the client is logged on as guest account.

If you enable this policy setting the SMB client will log the event when the client is logged on as guest account.

If you disable or do not configure this policy setting the SMB client will not log the event.

Solution

Policy Path: Network\Lanman Workstation
Policy Setting Name: Audit insecure guest logon

See Also

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/windows-11-version-24h2-security-baseline/ba-p/4252801

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-12c.

Plugin: Windows

Control ID: d9d71b794e4e7e08931498c0b07b7bb146b776b0d0ecc08450169dce8aa5e2e1