Enable access to admin shares from non-domain (workgroup) computers

There is a comprehensive article on the Windows OS Hub that discusses administrative shares and how they can be tricky to access in a non-domain environment. I needed to run psexec against a standalone machine and the solution for that was to add an entry to the registry on the target machine.

Open Registry Editor (regedit.exe)

Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

Create a new DWORD (32-bit) parameter with the name LocalAccountTokenFilterPolicy

Set the LocalAccountTokenFilterPolicy parameter value equal to 1

Restart the computer to apply the changes