Solved

Some Users Can't Login at Win9x clients

Posted on 2003-11-03
19
436 Views
Last Modified: 2010-04-14
We are running a Win2K network with a mix of clients. Last week we started having some users not be able to logon to Win9x clients, but are still able to get on Win2K Pro and XP Pro clients. Prior to last week these users could get on the Win9x client no problem! It also effects our VPN users, who authenticate against the domain controller. The following two events show up in the event log.

Event Id 681
The logon to account: RICH
 by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
 from workstation: \\SCANLJ
 failed. The error code was: 3221225578

Event Id 529
Reason:            Unknown user name or bad password
       User Name:      RICH
       Domain:            
       Logon Type:      3
       Logon Process:      NtLmSsp
       Authentication Package:      NTLM
       Workstation Name:      \\SCANLJ

What is interesting is that we have some intranet applications that authenticate against the domain and if someone else logs on to the Win9x client the user that wasn't able to logon can get logged on to those apps from the Win9x client! But I'm assuming this is using a different method of authentication.

If we add a new user, the new user has the problem. If we copy a user that is working okay the copy has the problem.

We thought it might be a corrupted AD as we had an older domain controller that was starting to crash on a regular basis. We took that server offline after moving it's duties over to our other domain controller. This weekend we ran tests against the AD on the remaining domain controller and didn't get any errors.

I've spent all morning searching multiple sites including this one for answers to no avail! Hopefully someone out there has an suggestion!



0
Comment
Question by:RichEgli
  • 7
  • 5
  • 3
  • +2
19 Comments
 
LVL 11

Expert Comment

by:adonis1976
ID: 9673582
here are some links:

http://support.microsoft.com/default.aspx?scid=kb;en-us;150530

http://support.microsoft.com/default.aspx?scid=kb;en-us;273499

The first links talks about the event id 529. What you can do on Win 98 client machines is to flush DNS cache and see if that works. go to the command prompt, type ipconfig /flushdns
0
 

Author Comment

by:RichEgli
ID: 9673712
Yep, we've looked at both those pages.

The second one confirms that it is having trouble with, or thinks, it's having trouble with a bad password. But the same user/password combo works on Win2K Pro and XP Pro clients.

The first one suggests taking the server that is having trouble offline and we've done that. We now only have one server validating user accounts and continue to have the problem. We have tried flushing the DNS cache on a couple of clients and get the same results. I personally think it's the server and not the client that is having the problem but not sure how to prove it and/or fix it!
0
 

Author Comment

by:RichEgli
ID: 9674805
I should have mentioned that the message at the client is Microsoft Networking: The logon server did not recognize your domain password, or access to the server has been denied. Make sure you typed the password correctly, and then try again.
0
 
LVL 15

Expert Comment

by:Rob Stone
ID: 9677183
I'm not registered on the site provided, but have you checked this one out
http://www.eventid.net/display.asp?eventid=681&source=
0
 

Author Comment

by:RichEgli
ID: 9694967
Okay, I think I've narrowed the problem down a little further. Each user is loosing the ability to logon to Win9x computers after they change their password!!! I was trying to figure out what the common thread was and then yesterday a user account that we use during nightly processing came up for the password change and we couldn't get into Win9x computers anymore with it!

Should I close out this question and re-phrase with this new bit of info or continue with this question?

This still doesn't tell me what has happened to our network that is causing it and so far I haven't been able to find any references to anyone else having a similar problem.
Thanks!
0
 
LVL 4

Expert Comment

by:darth_wannabe
ID: 9695207
ok, try having them go into control panel and change their windows password to match their domain password.
0
 
LVL 4

Expert Comment

by:darth_wannabe
ID: 9695216
remember 9x does basically two logons...one to windows, and one through microsoft networking. You have to keep the passwords synched
0
 
LVL 15

Expert Comment

by:Rob Stone
ID: 9700461
What about removing the windows password (ie, change it to nothing so you wont be prompted for it), then try it and you should just get the microsoft networking client user id/password.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:RichEgli
ID: 9702818
It's the network password that is getting denied. It's not even getting to the point where it would try the local password. And that's correct about the blank local password, that's what we try to get our users to do so they don't have to keep the passwords synced. I still think it is something happening at the domain controller and not at the client. As long as the user hasn't changed their password they can get on any client (Win2K, Win Pro, Win9x), but as soon as they change the password they no longer can get on the Win9x clients. I just haven't been able to figure out what has changed in the last 60 days that is causing this. We've had this network setup this way and running fine for several years!
0
 
LVL 4

Expert Comment

by:darth_wannabe
ID: 9702849
It doesn't work for them to try the old password either?
0
 
LVL 4

Expert Comment

by:darth_wannabe
ID: 9702851
did they change the password FROM the 9x client?
0
 

Author Comment

by:RichEgli
ID: 9703298
Nope the old password doesn't work. I believe some have been changed at the 9x client, and I know that some have been changed at the Win2K clients.
0
 

Author Comment

by:RichEgli
ID: 9800218
I kind of forgot about this question. But we went ahead and called in Microsoft for help and after about 4 hours of troubleshooting they got us fixed up. Their explaination of the problem follows. How do I go about closing out this question?
Thanks,
Richard

PROBLEM:

When users reset their passwords on Windows 9x and ME clients, they were
subsequently given an access denied error message.  Using the Domain
Controller, password resets for these users had the same negative
effect.
___________________

CAUSE:

This behavior is caused by the NoLMHash value being set within the DC's
registry.  This does not cause the client's PC to pass, nor have the DC
retain the encrypted password key for later use by the Network Security
Support Provider.
___________________

RESOLUTION:

The implicated registry key was removed and the DC rebooted to allow
Clients to perform interactive logon.

Other actions performed:

Using ntdsutil.exe, remnants of old domain controllers were removed from
the domain.  Name resolution was enhanced by removing outdated records.
Sysvol shares and security keys were verified.  A hotfix has been
provided for your Windows 98 Clients to ensure compatibility for Active
Directory Services.
0
 
LVL 15

Expert Comment

by:Rob Stone
ID: 9809572
Cheers for the update.
0
 

Author Comment

by:RichEgli
ID: 9859383
That's what I asked on 11/21? How do I close this question out? We paid Microsoft to fix our problem as no one seemed to be able to get it here.
Thanks,
Richard
0
 
LVL 4

Expert Comment

by:darth_wannabe
ID: 9859519
Richard,

Post a message in the community section with a link to the question, and request that they close the question and refund the points.

http://www.experts-exchange.com/Operating_Systems/Win2000/Q_20786489.html#9859383

sorry we couldn't be more help.....glad you got it resolved!
0
 
LVL 2

Accepted Solution

by:
Lunchy earned 0 total points
ID: 9885777
PAQed, with points refunded (500)

Lunchy
Friendly Neighbourhood Community Support Admin
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Find out what the Office 365 disclaimer function is, why you would use it and its limited ability to create Office 365 signatures.
This video discusses moving either the default database or any database to a new volume.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now