Windows 10: Cannot access default Microsoft Windows hidden shares

Discus and support Cannot access default Microsoft Windows hidden shares in Windows 10 Network and Sharing to solve the problem; Hello, Can someone helpme? I have a problem where when I want to access a shared folder from a remote computer like\\ip_remote\c$ it can't. Even... Discussion in 'Windows 10 Network and Sharing' started by TronID, Jul 9, 2020.

  1. TRONID
    TronID Win User

    Cannot access default Microsoft Windows hidden shares


    Hello,

    Can someone helpme?


    I have a problem where when I want to access a shared folder from a remote computer like\\ip_remote\c$ it can't. Even though I have entered the username and password correctly. If I access the share folder from a remote computer I create like\\ip_remote. That is no problem.


    I also attach the event viewer log results. When I access and finish authentication.

    Audit Success 09/07/2020 10:57:38 Microsoft Windows security auditing.4672 Special Logon

    Audit Success 09/07/2020 10:57:38 Microsoft Windows security auditing.4672 Special Logon

    Audit Success 09/07/2020 10:57:38 Microsoft Windows security auditing.4624 Logon

    Audit Success 09/07/2020 10:57:38 Microsoft Windows security auditing.4634 Logoff


    Log Name: Security

    Source: Microsoft-Windows-Security-Auditing

    Date: 09/07/2020 10:57:38

    Event ID: 4672

    Task Category: Special Logon

    Level: Information

    Keywords: Audit Success

    User: N/A

    Computer: COMPUTER-01

    Description:

    Special privileges assigned to new logon.



    Subject:

    Security ID: COMPUTER-01\Administrator

    Account Name: Administrator

    Account Domain: COMPUTER-01

    Logon ID: 0x62AEBA



    Privileges: SeSecurityPrivilege

    SeBackupPrivilege

    SeRestorePrivilege

    SeTakeOwnershipPrivilege

    SeDebugPrivilege

    SeSystemEnvironmentPrivilege

    SeLoadDriverPrivilege

    SeImpersonatePrivilege

    SeDelegateSessionUserImpersonatePrivilege

    Event Xml:

    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

    <System>

    <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" />

    <EventID>4672</EventID>

    <Version>0</Version>

    <Level>0</Level>

    <Task>12548</Task>

    <Opcode>0</Opcode>

    <Keywords>0x8020000000000000</Keywords>

    <TimeCreated SystemTime="2020-07-09T03:57:38.7913748Z" />

    <EventRecordID>19147</EventRecordID>

    <Correlation ActivityID="{8af1cf46-559a-0002-c8cf-f18a9a55d601}" />

    <Execution ProcessID="840" ThreadID="936" />

    <Channel>Security</Channel>

    <Computer>COMPUTER-01</Computer>

    <Security />

    </System>

    <EventData>

    <Data Name="SubjectUserSid">S-1-5-21-3048503955-719178957-417575522-500</Data>

    <Data Name="SubjectUserName">Administrator</Data>

    <Data Name="SubjectDomainName">COMPUTER-01</Data>

    <Data Name="SubjectLogonId">0x62aeba</Data>

    <Data Name="PrivilegeList">SeSecurityPrivilege

    SeBackupPrivilege

    SeRestorePrivilege

    SeTakeOwnershipPrivilege

    SeDebugPrivilege

    SeSystemEnvironmentPrivilege

    SeLoadDriverPrivilege

    SeImpersonatePrivilege

    SeDelegateSessionUserImpersonatePrivilege</Data>

    </EventData>

    </Event>

    =========================================================================================

    Log Name: Security

    Source: Microsoft-Windows-Security-Auditing

    Date: 09/07/2020 10:57:38

    Event ID: 4672

    Task Category: Special Logon

    Level: Information

    Keywords: Audit Success

    User: N/A

    Computer: COMPUTER-01

    Description:

    Special privileges assigned to new logon.



    Subject:

    Security ID: COMPUTER-01\Administrator

    Account Name: Administrator

    Account Domain: COMPUTER-01

    Logon ID: 0x62AEBA



    Privileges: SeSecurityPrivilege

    SeTakeOwnershipPrivilege

    SeLoadDriverPrivilege

    SeBackupPrivilege

    SeRestorePrivilege

    SeDebugPrivilege

    SeSystemEnvironmentPrivilege

    SeImpersonatePrivilege

    SeDelegateSessionUserImpersonatePrivilege

    Event Xml:

    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

    <System>

    <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" />

    <EventID>4672</EventID>

    <Version>0</Version>

    <Level>0</Level>

    <Task>12548</Task>

    <Opcode>0</Opcode>

    <Keywords>0x8020000000000000</Keywords>

    <TimeCreated SystemTime="2020-07-09T03:57:38.7917145Z" />

    <EventRecordID>19148</EventRecordID>

    <Correlation ActivityID="{8af1cf46-559a-0002-c8cf-f18a9a55d601}" />

    <Execution ProcessID="840" ThreadID="936" />

    <Channel>Security</Channel>

    <Computer>COMPUTER-01</Computer>

    <Security />

    </System>

    <EventData>

    <Data Name="SubjectUserSid">S-1-5-21-3048503955-719178957-417575522-500</Data>

    <Data Name="SubjectUserName">Administrator</Data>

    <Data Name="SubjectDomainName">COMPUTER-01</Data>

    <Data Name="SubjectLogonId">0x62aeba</Data>

    <Data Name="PrivilegeList">SeSecurityPrivilege

    SeTakeOwnershipPrivilege

    SeLoadDriverPrivilege

    SeBackupPrivilege

    SeRestorePrivilege

    SeDebugPrivilege

    SeSystemEnvironmentPrivilege

    SeImpersonatePrivilege

    SeDelegateSessionUserImpersonatePrivilege</Data>

    </EventData>

    </Event>

    =========================================================================================

    Log Name: Security

    Source: Microsoft-Windows-Security-Auditing

    Date: 09/07/2020 10:57:38

    Event ID: 4624

    Task Category: Logon

    Level: Information

    Keywords: Audit Success

    User: N/A

    Computer: COMPUTER-01

    Description:

    An account was successfully logged on.



    Subject:

    Security ID: NULL SID

    Account Name: -

    Account Domain: -

    Logon ID: 0x0



    Logon Information:

    Logon Type: 3

    Restricted Admin Mode: -

    Virtual Account: No

    Elevated Token: No



    Impersonation Level: Impersonation



    New Logon:

    Security ID: COMPUTER-01\Administrator

    Account Name: Administrator

    Account Domain: COMPUTER-01

    Logon ID: 0x62AEBA

    Linked Logon ID: 0x0

    Network Account Name: -

    Network Account Domain: -

    Logon GUID: {00000000-0000-0000-0000-000000000000}



    Process Information:

    Process ID: 0x0

    Process Name: -



    Network Information:

    Workstation Name: COMPUTER-02

    Source Network Address: 192.168.xxx.xxx

    Source Port: 2555



    Detailed Authentication Information:

    Logon Process: NtLmSsp

    Authentication Package: NTLM

    Transited Services: -

    Package Name NTLM only: NTLM V2

    Key Length: 128



    This event is generated when a logon session is created. It is generated on the computer that was accessed.



    The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.



    The logon type field indicates the kind of logon that occurred. The most common types are 2 interactive and 3 network.



    The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.



    The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.



    The impersonation level field indicates the extent to which a process in the logon session can impersonate.



    The authentication information fields provide detailed information about this specific logon request.

    - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.

    - Transited services indicate which intermediate services have participated in this logon request.

    - Package name indicates which sub-protocol was used among the NTLM protocols.

    - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.

    Event Xml:

    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

    <System>

    <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" />

    <EventID>4624</EventID>

    <Version>2</Version>

    <Level>0</Level>

    <Task>12544</Task>

    <Opcode>0</Opcode>

    <Keywords>0x8020000000000000</Keywords>

    <TimeCreated SystemTime="2020-07-09T03:57:38.7918046Z" />

    <EventRecordID>19149</EventRecordID>

    <Correlation ActivityID="{8af1cf46-559a-0002-c8cf-f18a9a55d601}" />

    <Execution ProcessID="840" ThreadID="936" />

    <Channel>Security</Channel>

    <Computer>COMPUTER-01</Computer>

    <Security />

    </System>

    <EventData>

    <Data Name="SubjectUserSid">S-1-0-0</Data>

    <Data Name="SubjectUserName">-</Data>

    <Data Name="SubjectDomainName">-</Data>

    <Data Name="SubjectLogonId">0x0</Data>

    <Data Name="TargetUserSid">S-1-5-21-3048503955-719178957-417575522-500</Data>

    <Data Name="TargetUserName">Administrator</Data>

    <Data Name="TargetDomainName">COMPUTER-01</Data>

    <Data Name="TargetLogonId">0x62aeba</Data>

    <Data Name="LogonType">3</Data>

    <Data Name="LogonProcessName">NtLmSsp </Data>

    <Data Name="AuthenticationPackageName">NTLM</Data>

    <Data Name="WorkstationName">COMPUTER-02</Data>

    <Data Name="LogonGuid">{00000000-0000-0000-0000-000000000000}</Data>

    <Data Name="TransmittedServices">-</Data>

    <Data Name="LmPackageName">NTLM V2</Data>

    <Data Name="KeyLength">128</Data>

    <Data Name="ProcessId">0x0</Data>

    <Data Name="ProcessName">-</Data>

    <Data Name="IpAddress">192.168.xxx.xxx</Data>

    <Data Name="IpPort">2555</Data>

    <Data Name="ImpersonationLevel">%%1833</Data>

    <Data Name="RestrictedAdminMode">-</Data>

    <Data Name="TargetOutboundUserName">-</Data>

    <Data Name="TargetOutboundDomainName">-</Data>

    <Data Name="VirtualAccount">%%1843</Data>

    <Data Name="TargetLinkedLogonId">0x0</Data>

    <Data Name="ElevatedToken">%%1843</Data>

    </EventData>

    </Event>

    =========================================================================================

    Log Name: Security

    Source: Microsoft-Windows-Security-Auditing

    Date: 09/07/2020 10:57:38

    Event ID: 4634

    Task Category: Logoff

    Level: Information

    Keywords: Audit Success

    User: N/A

    Computer: COMPUTER-01

    Description:

    An account was logged off.



    Subject:

    Security ID: COMPUTER-01\Administrator

    Account Name: Administrator

    Account Domain: COMPUTER-01

    Logon ID: 0x62AEBA



    Logon Type: 3



    This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.

    Event Xml:

    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

    <System>

    <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" />

    <EventID>4634</EventID>

    <Version>0</Version>

    <Level>0</Level>

    <Task>12545</Task>

    <Opcode>0</Opcode>

    <Keywords>0x8020000000000000</Keywords>

    <TimeCreated SystemTime="2020-07-09T03:57:38.8273458Z" />

    <EventRecordID>19150</EventRecordID>

    <Correlation />

    <Execution ProcessID="840" ThreadID="956" />

    <Channel>Security</Channel>

    <Computer>COMPUTER-01</Computer>

    <Security />

    </System>

    <EventData>

    <Data Name="TargetUserSid">S-1-5-21-3048503955-719178957-417575522-500</Data>

    <Data Name="TargetUserName">Administrator</Data>

    <Data Name="TargetDomainName">COMPUTER-01</Data>

    <Data Name="TargetLogonId">0x62aeba</Data>

    <Data Name="LogonType">3</Data>

    </EventData>

    </Event>

    :)
     
    TronID, Jul 9, 2020
    #1
  2. DTG1
    DTG1 Win User

    Cannot access shared network drive


    Personally, I wouldnt use Everyone. If anyone hacks into you, they have full access to everything and can demolish everything on your raid. I would rather set up accounts and access separately for each person. That way, I know who did all that damage. In the end with a little extra work, I feel more secure by using Authenticated Users.


    If this helps.
    step 1 create non-microsoft account and without email and address without admin rights
    step 2 share a drive or folder to specific user account (if Everyone is listed, remove it)
    step 3 set security > add Authenticated Users (if more than 1 account) or add specific users
    step 3a remove Everyone from list
    step 3b uncheck full control and write for all items listed except SYSTEM and Admin account.
    step 4 right click Start > Computer Management > System Tools > Shared Folders > Shares ... to verify settings and change anything else. You can also see the number of connections to each share here.
     
    DTG1, Jul 9, 2020
    #2
  3. SHARONSPOST
    sharonspost Win User
    Cannot access shared network drive


    I could scream! so much time wasted on this stupid error, as if time is not precious enough!
    It probably would work fine if I could see the other computer! But I cannot see the other computer!
     
    sharonspost, Jul 9, 2020
    #3
  4. WEBMAXIMUS
    WebMaximus Win User

    Cannot access default Microsoft Windows hidden shares

    Accessing default shares


    That's strange because here it's working just fine as you can see


    Cannot access default Microsoft Windows hidden shares [​IMG]



    Cannot access default Microsoft Windows hidden shares [​IMG]
     
    WebMaximus, Jul 9, 2020
    #4
Thema:

Cannot access default Microsoft Windows hidden shares

Loading...

  1. Cannot access default Microsoft Windows hidden shares - Similar Threads - Cannot access default

  2. Cannot access network share

    in Windows 10 Network and Sharing
    Cannot access network share: From my Windows 10 machine Machine 1, I cannot access folders that are shared on a Windows XP machine Machine 2. I don't think it is an OS incompatibility issue. For years, it worked. And, accessing shared folders on a second Windows XP machine Machine 3 is working, as it...

  3. Cannot access the hidden folder share on my remote computer

    in Windows 10 Network and Sharing
    Cannot access the hidden folder share on my remote computer: Hello Everyone, I can't access hidden folders (like: \\ip_remote\c$ or d$) on a remote computer. Even though when the computer asks for a username and password I have entered it correctly. If I try to make a share folder on the same remote computer. That can be done. I have...

  4. File Sharing "Windows cannot access"

    in Windows 10 Network and Sharing
    File Sharing "Windows cannot access": Problem: Only some clients cannot connect to Shared folder Configuration: My clients want to map network drive to connect the folder which is on my computer. One of my clients can connect, however, other 2 clients cannot connect by getting "Windows cannot access" error....

  5. Cannot access Samba share

    in Windows 10 Network and Sharing
    Cannot access Samba share: Hi, I have a few Windows 10 computers and some linux computers on my network. I use Samba to enable sharing between the Windows and Linux computers. On one of the Windows computer I have a Storage Spaces drive set up as a Samba share. I can access some of the folders on this...

  6. What is the hidden shared folder "default" for?

    in Windows 10 Network and Sharing
    What is the hidden shared folder "default" for?: i try to remove it i cant, i cant change any permissions either for it, also cant find no information regarding it on google! 88046

  7. Cannot Access Windows Network Shares

    in Windows 10 Network and Sharing
    Cannot Access Windows Network Shares: Three machines: Surface Pro 4 - fully updated Surface Pro 3 - Windows 10, fully updated Lenovo X220T - Windows 8.1 Fully updated All three machines can see all available network devices, including each other. All three machines can successfully access and interact...

  8. Cannot access Admin shares

    in Windows 10 Network and Sharing
    Cannot access Admin shares: I have two Windows 10 machines and a Windows 8.1 machine: - PCWIN10-01 - PCWIN10-02 - PCWIN8-03 I want to be able to open admin shares on PCWIN10-01 from PCWIN10-02 and I am getting access denied. Both machines have Creators update. I have searched online for the past...

  9. Cannot access Windows 10 Share

    in Windows 10 Network and Sharing
    Cannot access Windows 10 Share: Hello I am having trouble networking 2 Windows 10 computers together on my network. This is kind of odd, I have a Windows 7 PC that can hit the file share with no issues. And on the troubled computer I can access the shares on the Windows 7 PC. But the Windows 10...

  10. Accessing default shares

    in Windows 10 Network and Sharing
    Accessing default shares: I have two Windows 10 PCs on the same home network and I can't access the default shares on either one of them, I keep getting 'Access denied'. Any ideas? 13256