Access Samba (Linux) File Share w/o using “AllowInsecureGuestAuth” on Clients

I have to set a registry key on all Windows 10 clients since the Windows 10 1709 update, because MS disabled the guest account access by default superuser MS TechJourney:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters] "AllowInsecureGuestAuth"=dword:00000001 

MS recommends:

The recommended solution is to add an explicit account and password on your NAS device […]

I have this set up. To access the shares on the samba server you have to type username and pw, but w/o setting the above registry key, the client PC cannot even list the available file shares on the samba server. What is wrong in my configuration?

[global] workgroup = <censored> server string = <censored> interfaces = lo enp3s0 <censored>/25 bind interfaces only = yes hosts allow = 127. <censored>  allow insecure wide links = yes  log file = /var/log/samba/log.%m max log size = 50 log level = 1  # Standalone Server Options  security = user passdb backend = tdbsam  map to guest = Bad User guest account = nobody  smb encrypt = auto  # Browser Control Options  local master = yes os level = 255 preferred master = yes domain master = yes  # Name Resolution  wins support = yes  # Share Definitions  [home] comment = <censored> path = /home public = no browseable = yes writable = yes create mode = 0660 directory mode = 0770 veto files = /lost+found/pub/user/backupbot/  [public] comment = <censored> path = /home/pub/ public = no browseable = yes writable = yes create mode = 0660 directory mode = 2770 veto files = /TempDrive/Papierkorb/ inherit permissions = Yes  # allow access from public to media/extra/Software  follow symlinks = yes wide links = yes