The System Cannot a domain controller to service the authentication request. Please try again later

Hi Sergey K,

Thanks for reaching out to Microsoft Q&A!

I’m sorry to hear that you’re suddenly blocked from your shared folders. This is because starting with newer updates, NTLM is blocked for SMB authentication by default, even if it doesn't say so. Here’s some workarounds you can consider:

1 - Stop using anonymous / guest access

• On the NAS or the other PC, create a local user account with password
• Assign that user permissions to the shared folder
• On Windows 11, connect using explicit credentials:
  • \\NASNAME\Share
  • Username: NASNAME\user
  • Password: <password>

2 - Re‑enable insecure NTLM/guest authentication

• Press Win + R > type regedit > press Enter to open Registry Editor
• Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters
• Create a new DWORD > Name it AllowInsecureGuestAuth and set value to 1
• Restart your PC and check the connections again.

Disclaimer: This option poses some security risks so consider carefully before trying, and revert the change if it doesn't help with the issue. Generally, modifying registry subkeys or work group is intended for advanced users, administrators, and IT Professionals. It can help fix some problems, however, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For further protection, first check out How to back up and restore the registry in Windows - Microsoft Support 

Unfortunately, Windows 11 now blocks NTLM‑based SMB authentication, even with credentials. If the NAS cannot negotiate modern authentication, Windows will refuse the connection.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

does not help.

I have created password protected share on NAS. But when a call NET USE with explicit credentials

I am getting:

"System error 1937 has occurred.

Authentication failed because NTLM authentication has been disabled."

NAS supports SMB2 and SMB3 and configured to use them.

on a Windows machine all mentioned services are running, network discovery is allowed and file share allowed as well

The error text matches ERROR_DOWNGRADE_DETECTED / STATUS_DOWNGRADE_DETECTED, which appears after certain Windows authentication hardening updates. On a home Windows 11 Pro PC with no domain controller, this typically shows up when trying to access shares that previously allowed anonymous/guest access or very weak authentication.

Because the behavior changed after a Windows update and Windows 10 still works, the issue is not with the NAS or share itself but with the new authentication requirements on Windows 11.

Use these steps that are supported for home file-sharing scenarios:

1. Test access with explicit credentials
   • On the Windows 11 PC, open Command Prompt.
   • Run:

          net use * \\<NAS-or-PC-name>\<ShareName> /user:<NAS-or-PC-local-user> <password>
     

   • If this succeeds, the share itself is fine and the problem is specifically with guest/anonymous access.
2. Avoid SMB1 and guest/anonymous access
   • SMB1 is deprecated and should remain disabled for security reasons.
   • Configure the NAS or the other Windows machine to require a local user account and password for the share instead of anonymous access.
   • Then always connect using those credentials (as in step 1).
3. Turn on SMB client support and discovery features on Windows 11
   • Ensure SMB client support is enabled:
     1. Open Control Panel.
     2. Select Programs > Programs and Features > Turn Windows features on or off.
     3. Under SMB 1.0/CIFS File Sharing Support, make sure SMB 1.0/CIFS Client is checked only if the NAS absolutely requires SMB1 (otherwise leave SMB1 off and use SMB2/3 on the NAS).
   • Enable network discovery and file and printer sharing:
     1. Open Control Panel.
     2. Select Network and Internet > Network and Sharing Center > Advanced sharing settings.
     3. Under Private, select Turn on network discovery.
     4. Select Turn on file and printer sharing.
     5. Select Save changes.
   • Make sure the following services are set to Automatic and running (Start > search Services):
     • Function Discovery Provider Host
     • Function Discovery Resource Publication
     • SSDP Discovery
     • UPnP Device Host
   • Restart the PC.
4. Map the share from Windows 11 using net use
   • From Command Prompt:

          net use <DriveLetter>: \\<NAS-or-PC-name>\<ShareName>
     

   • If prompted, supply the local account and password configured on the NAS or other PC.
5. If the error persists only on Windows 11
   • Confirm that the NAS is using SMB2/3 and not forcing SMB1-only.
   • Ensure NTLM is enabled on the NAS side as well (or configure it to use modern authentication where possible).
   • If the NAS only supports guest/anonymous access, change its configuration to use a named user with a password; Windows 11 increasingly blocks insecure guest logons by default.

These changes align the share with the newer authentication requirements introduced by recent Windows updates, avoiding the The system cannot contact a domain controller to service the authentication request error on a non-domain home network.

References:

• Can't access shared folders from File Explorer in Windows 10
• MS16-101: Description of the security update for Windows authentication methods: August 9, 2016
• SMB security hardening