Share via

As of update 24H2, Shared PC Guest account no longer works on domain-joined PCs

Anonymous
2024-10-30T16:20:38+00:00

Hello all,

At our school, a number of domain-joined PCs using the SharedPC function to allow both domain and guest user sign-on will no longer allow the Guest option after updating to 24H2. Upon clicking Sign In, you are met with about half a second of a loading screen, and nothing else happens. Windows 10 PCs and anything running an older version of Windows 11 remains unaffected.

Security logs indicate that each and every time you attempt this sign-in, an event 4724 is logged that an account attempted to change another account's password.

Microsoft says here that a domain user will throw this error when a password does not meet length requirements.

No password policy is enabled in Group Policy, and I have changed several other settings as well in an attempt to correct this including following the steps provided in this post.

This account is supposed to function without a password entirely, and I feel that the recent changes made during this update (related to the other post I linked above) are probably related to my issue somehow.

Thanks for any info.

***Move from Windows / Windows 11 / Windows update***

Windows for business | Windows Client for IT Pros | Directory services | User logon and profiles

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

9 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2024-10-31T03:04:41+00:00

    Hi MajinChaos,

    Thank you for posting in the Microsoft Community Forums.

    Roll back system updates:

    If possible, consider rolling back affected PCs to a pre-update system version to restore Guest logon functionality. This can be done via the “Restore” option in the Windows Update settings, but note that this may require administrator privileges.

    Check and update Group Policy:

    On the domain controller, check the Group Policy settings related to the SharedPC feature and Guest logon. Ensure that these settings are not blocking Guest account logins and are consistent with the school's IT policies and security requirements.

    Modify the local security policy:

    On the affected PCs, check and modify the security policy related to Guest logins through the local security policy editor (secpol.msc). For example, ensure that “Network Access: Shared and Secure Mode for Local Users” is set to allow Guest access.

    4724(S, F) An attempt was made to reset an account's password. - Windows 10 | Microsoft Learn

    Best regards

    Neuvi

    0 comments
  2. Anonymous
    2024-11-14T20:49:42+00:00

    You can try to remove any configuration profile that contain device lock settings.

    1 person found this answer helpful.
    0 comments
  3. Anonymous
    2024-11-20T23:09:20+00:00

    I have the same issue at my company after running the latest updates on several of our spare laptops.

    Did some troubleshooting on my own. Messed with various settings regarding Users, passwords, security and other groups policies, but was not able to find some workaround.

    I'm currently awaiting for my managers to look into this to see if they can make some changes on their end.

    Hopefully there is a ticket opened up with Microsoft about this issue.

    3 people found this answer helpful.
    0 comments
  4. Anonymous
    2024-12-01T20:51:30+00:00

    Can you elaborate? I have the same issue, guest user in shared mode is now broken on 24H2. I have a lot of Intune policies applied though, no idea where to start.

    0 comments
  5. Anonymous
    2024-12-10T03:26:35+00:00

    run Get-SmbClientConfiguration

    and see whats showing for EnableInsecureGuestLogons

    if false

    set it to true

    0 comments