Advertisement

10.04.2004 at 09:06AM PDT, ID: 21155091
[x]
Attachment Details
[x]
The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

  • The Grade of the Solution
  • The Zone Rank of the Expert Providing the Solution
  • The Number of Author and Expert Comments
  • The Number of Experts Contributing
  • The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!
6.2

NTLM Logon Fails Because Network Domain Name Not Passed

Asked by cavehop in Windows Network Security

Tags: , ,

Hi all, I hope you can help me with this one since it has been troubling me for a number of weeks and has our IT people stumped as well.  You'll have to forgive me if I use incorrect terminology since Networks are not my area.

The basics: I have a client computer running Windows XP Pro and a server running Windows 2000 Server.  When I attempt an NTLM network logon from my client to the server using my network domain account credentials it fails.

The nitty-gritty details (which may or may not be pertinent - I just don't know, so I'm giving everthing that might be):

The server computer is not a domain name controller.   From our IT people's perspective it is really just another client computer, but it is running SQL Server and IIS (so from my software developer point of view it is a server).

There are two typical cases where an NTLM network logon attempt is made. One, when I try to establish an Enterprise Manager connection to SQL Server running on the server. Two, when I attempt to start a Visual Studio .NET debugging session on a web project based on the server.  Both cases result in two Failure Events being logged in the Security Event Viewer, which indicates to me that this likely a Windows security issue and not just an application issue.  The first event has ID 681, the second has ID 529.  Looking more closely as Event ID 529, the domain name is listed as the local domain name of the server machine, NOT the network domain name of my user account attempting to logon.

Here are some of the results from some experiments we have done to try to isolate where the problem is occurring:
1. If someone else logs on to my client computer and attempts an NTLM network logon to the server, it works (the successful logon Event ID indicates that the nework domain name was properly passed).
2. If I attempt an NTLM nework logon to a different server, it works (again the network domain name is properly passed).
So it seems like this is a problem that is specifically about my particular user account combined with these particular machines.  The problem started at about the same time that I created a new ASP.NET project through Visual Studio.  This might be coincidence; it might not.

Final note: My wonderful IT folks have provided a bandaid to the problem, by showing me how to create a local user account on the server that matches my network user account (username and password), which makes the logon at least succeed.  For various reasons (especially having to do with the VS debugger), this is not really an ideal solution, however.

I appreciate greatly any assistance you can provide.  Thanks!
--Lance--Start Free Trial
[+][-]10.04.2004 at 11:13AM PDT, ID: 12219681

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]10.04.2004 at 11:26AM PDT, ID: 12219793

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]10.04.2004 at 12:02PM PDT, ID: 12220105

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]10.04.2004 at 01:29PM PDT, ID: 12221038

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]10.04.2004 at 03:17PM PDT, ID: 12222010

View this solution now by starting your 30-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zone: Windows Network Security
Tags: 529, iis, ntlm
Sign Up Now!
Solution Provided By: Gargantubrain
Participating Experts: 1
Solution Grade: B
 
 
[+][-]10.05.2004 at 09:57AM PDT, ID: 12228706

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]10.05.2004 at 02:25PM PDT, ID: 12231521

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.19.2005 at 07:03AM PDT, ID: 14036443

Experts Exchange has a courteous staff of administrators who help members get the most out of the website by means of administrative comments like this one.

Start your 30-day free trial to view this Administrative Comment or ask the Experts your question.

 
[+][-]05.19.2005 at 07:35AM PDT, ID: 14036772

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
 
Loading Advertisement...
20081112-EE-VQP-44