Access Denied when trying to connect to the root Network Share

[DigeratiPrime]

I have a machine running Vista Ultimate SP1 x86 with pretty much default settings which I will refer to as the HOST machine.

I am trying to connect to a share on the HOST from another machine on the same network and workgroup which I will refer to as CLIENT.

When I try to connect to \\HOST I get Access Denied although \\HOST\Share will work. Also if the current logged on user on the CLIENT has a matching account username and password on the HOST then even \\HOST will work. I get the same behavior whether the CLIENT machine is running Windows XP or Vista though I dont remember having this 'problem' when the HOST machine was running XP. HOST appears in the Network Control Panel on the Vista Client. Also using the HOST IP \\IP instead of the HOST NETBIOS name makes no difference.

I understand this is 'normal' behavior for Vista, according to http://technet.microsoft.com/en-us/library...27037.aspx#ECAA

However I dont understand why \\HOST is denied but \\HOST\share is allowed yet. Is there a way to change this behavior to be how XP was? I don't really want to add all the CLIENT user accounts to the HOST to achieve this either.

The HOST has Network Discovery ON, File Sharing ON, and Password Protected Sharing OFF.

I believe this is some security setting enabled by default on Vista, but I am not sure which one. I would like to connect to the 'root' share because it is cleaner then making shortcuts to all the shares.

Ideas?

[cluberti]

When you connect to \\host on a Vista (or 2008) machine, you're really saying you want to view \\host\ipc$, which is not a browseable share unless you've authenticated (hence users with a matching user/pass can access the share). I believe to replicate the old behavior, you need to make sure the network connection on the Vista machine is "Private", that File *and* printer sharing is on, Public folder sharing is on, and that "Password protected sharing" is also enabled. That last one may or may not be required, so feel free to experiment, however browsing a workgroup is always a problem if usernames / passwords don't match across machines, so you may be SOL in completely replicating XP's (less secure) file sharing behavior.

[DigeratiPrime]

Thank you Cluberti but still no luck finding a way to go to "legacy mode" here or workaround it. I was wondering if it might be related to IPC but its something I am just not that familiar with. I do have the Location Type for both Vista machines set to Private as well as the other settings. One reason I wanted to avoid duplicating accounts is that there are a # of users and some do not have passwords. I am still confused why Vista allows connecting directly to file/folder shares, but not the IPC$ share; esp when the Network control panel links to it! I thought it might also be related to the Anonymous Logon user but no luck changing the two polocies mentioned here: http://technet.microsoft.com/en-us/library/cc772211.aspx

I've tried:

Bypass traverse checking

Network access: Let Everyone permissions apply to anonymous users

Network access: Do not allow anonymous enumeration of SAM accounts and shares