We are working on a program that runs on Citrix that makes a cal to a file share to pull in some JS and JPeg files. Since we are using anonymous users on Citrix, the anon user is failing to access our Windows 2008 server where we have file shared. I have given access to the share for ANONYMOUS USERS on our domain, plus the local user "guest", and "everyone but we are still getting this error: Account For Which Logon Failed: Security ID: NULL SID Account Name: Anon002 Account Domain: Somecitrixserv02 Failure Information: Failure Reason: Unknown user name or bad password. Status: 0xc000006d Sub Status: 0xc0000064 I noticed that the guest account will lock on the Win2k8 server when I make the call on the CTX server to pull the files. I then unlock it, apply it and try again and the guest account will lock. Any ideas? Here's the entire log ( I changed our servername and IP for security purposes in posting this) An account failed to log on. Subject: Security ID: NULL SID Account Name: - Account Domain: - Logon ID: 0x0 Logon Type: 3 Account For Which Logon Failed: Security ID: NULL SID Account Name: Anon002 Account Domain: somecitrixserver02 Failure Information: Failure Reason: Unknown user name or bad password. Status: 0xc000006d Sub Status: 0xc0000064 Process Information: Caller Process ID: 0x0 Caller Process Name: - Network Information: Workstation Name: somecitrixserver02 Source Network Address: 22.99.333.22 Source Port: 2954 Detailed Authentication Information: Logon Process: NtLmSsp Authentication Package: NTLM Transited Services: - Package Name (NTLM only): - Key Length: 0

Hi I wrote a document for troubleshooting account lockout please use the below link http://troubleshooterforever.blogspot.com/2010/03/account-lock-out.html

You are incorrect, Anon002 is not an ANONYMOUS USER....it is (in fact) a Local User account on the citrix server (check the Local User listing) that happens to be called ANONYMOUS. Confusing i know but its a reall account. There, your issue is that the Local Account Anon002 does not have access to the other Windows 2008 because that account does not reside there. You must either switch to a domain user account for this process or create matching local user accounts (and passwords) on both servers.

I have this working on a windows 2k3 server. The main difference is the OS version between the two. The w2k3 server does not have the anon users setup locally either. sameh.khairy - I tried turning up the logging on the netlogon service but it returns the same error that the security log does, "user does not exist" To give some more context, we have a application published anon on a citrix server that has an html page that makes the following call: <script type="text/javascript" src="\\fileshareservername\aaa\bbb\img\imgCheck.js"></script> Is it possible to supply a user account when making a call like this with JS? Or to make it use the guest account? thanks for all the help

When looking at the server that currently works, I see the failue audit in the event viewer but the user from the Citrix Server is still able to access the files. Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Logon account: Anon011 Source Workstation: CTXPOANSPRD02 Error Code: 0xC0000064 What would trigger this event but still allow the user to access the files?

Read this http://support.microsoft.com/kb/942636