I have a Windows 11 desktop. I am unable to expose the InternalStorage and external USB of my NucleusOne in my File Explorer. I am able to play music with the NucleusOne, even see the folders in the USB drive attached to the device. I made sure the network discovery was enabled, that printer and file sharing allowed through the firewall. I have gone into my group policies and enabled insecure guest logons. I can ping the IP of the NucleusOne but cannot enter \\NUCLEUSONE\Data\Storage\InternalStorage into the File Explorer without getting a nonspecific error. You can see all the screen shots and trouble shooting on your community forum at https://community.roonlabs.com/t/unable-to-see-usb-drive-connected-to-nucleusone/308470/2
Describe your network setup
I have a wired network. NetGear Orbi 860's provide the Mesh but the NucleusOne and my desktop are wired. I have no problems playing music or seeing the folders on the External USB drive on the NucleusOne
Just noticed that the steps given in the Roon Labs article for enabling insecure guest logons are subtly different from those given in this article from the Microsoft Tech Community forum. You could try these to see if that fixes the issue:
My bet is that Microsoft network client: Digitally sign communications (always) needs to be disabled.
Interesting article. Clearly I’m not enthusiastic about making my computer more vulnerable but acknowledge I’m on a home network with non public IPs so my vulnerability is small (as far as I know). It also suggested that if the vendor (that would be Roon) would make SMB signing enabled, Disable guest access and enable username/PW we’d be in a better spot. So, I’m not sure I would agree with your prior assertion that MS owns the problem, we live in a dangerous digital world.
I will explore the options in the article and let you know if that works.
I can’t be the only person experiencing this issue.
I can validate that the following 2 steps, from the article you sent, will give access to the \nucleusone\data\storage folder which includes the InternalStorage and any USB drives:
Disable the SMB client signing requirement:
a. On the Start Menu search, type gpedit and start the Edit Group Policy app (i.e. Local Group Policy Editor). If you are using Home edition, skip to step 8.
b. In the console tree, select Computer Configuration > Windows Settings > Security Settings> Local Policies > Security Options.
c. Double-click Microsoft network client: Digitally sign communications (always).
d. Select Disabled > OK.
Disable the guest fallback protection:
a. On the Start Menu search, type gpedit and start the Edit Group Policy app (i.e. Local Group Policy Editor). If you are using Home edition, skip to step e.
b. In the console tree, select Computer Configuration > Administrative Templates> Network > Lanman Workstation.
c. Double-click Enable insecure guest logons
d. Select Enabled > OK.
Now I need to identify just how comfortable I am with the reduction in security.
This is only about allowing your computer to access shares by guest/guest login if you choose to connect to such a share. And I suppose that you will only connect to the Nucleus. Nothing at all changes if you don’t choose to connect to other shared folders.
Requiring to add this permission to home computers is a pointless change by Microsoft that does nothing at all for security and causes a lot of grief. (And if they don’t want to enable it by default, they should provide a simple checkbox).
The only real purpose of the change is on work networks where one wants to monitor who connects to what (hence the need to authenticate)