Open gpedit.msc and go to:
Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> Accounts: Guest account status: enabled
Then allow network access for anonymous logins.
Again, using gpedit.msc and go to:
Network Access: allow anonymous SID/Name translation: disabled
Network Access: Do not allow anonymous enumeration of SAM accounts: enabled
Network Access: Do not allow anonymous enumeration of SAM accounts and shares: disabled
Network Access: let everyone permissions apply to anonymous users: enabled
Network Access: restrict remote access to named pipes and shares: disabled
Finally, allow anonymous logon to the machine.
Open gpedit.msc and go to:
Computer Configuration -> Windows Settings -> Local Policies -> User Rights Assignment ->
Access this computer from the network: everyone, anonymous logon
You can deploy this policy locally or via Group Policy.
If you want, and I think you will, you can then limited access to the shares using the windows firewall and a custom IP/subnet list.