Cannot Properly connect to shares on a Windows 2003 Server using Active Directory

I have my Macintosh Clients authenitcating via Active Directory on a Windows 2003 Server. The authentication works fine but when I go into connect to server, then type in smb://(name of the Windows 2003 server) it gives me the error:

"Could not connect to the server because the name or password is not correct"

However, when I use connect to server and type in smb://(name of a windows 2000 server) I can access the shares immediately and it does not ask me a username or password. I disabled "Microsoft Network Client: Digitally sign communications (always)" on the Windows 2003 Server. People on the Windows side have no trouble authenticating to smb shares on the 2003 server, but when they go to the Mac they cannot authenticate. I went through terminal to see if I could connect to the shares via smbclient and was able to.
darvay1Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
weedConnect With a Mentor Commented:
I think at this point i'd backtrack and start over. Go through ALL the steps to setting it up again as though it had never been set up. Check ALL your settings etc. While you're at it, run the Pilot portion of Cocktail from www.versiontracker.com.
0
 
weedCommented:
Try including the user/pass in the url. smb://user:pass@win2k3server. Also make sure the user and pass required are shorter than 8 characters....or is it 15?...cant remember. Try both.
0
 
darvay1Author Commented:
I tried smb://(a username):(a valid password)@(2003 server name) , both the login name and password are shorter than 8 characters, but I still get the "Could not connect to the server because the name or password is not correct" error.
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
weedCommented:
Is there a password entry perhaps stored in your keychain for this server?
0
 
darvay1Author Commented:
No, there is only one administrator account on the local machine, so we are not using keychains. When I try to connect to a 2000 non domain control server in the same domain, I don't have to supply any credientials, it just uses the AD kerberos credientials I supplied when I logged in.
0
 
weedCommented:
Dont assume that there arent any keychains just because you only have an admin account. They dont have anything to do with eachother.

Try this, from another EE question.

in "Domain Controller Security Policy" on the server
-> Security Settings -> local policies -> security options:
Domain member: Digitally encrypt or sign secure channel data (always): have put in on "Not Defined" instead off "enabled"
Microsoft Network server: Digitally sign communications (always): have put in on "Not Defined" instead off "enabled"
Microsoft Network server: Digitally sign communications (if client agrees): have put in on "Not Defined" instead off "enabled"
Microsoft Network client: Digitally sign communications (always): have put in on "disabled" instead off "Not Defined"
0
 
darvay1Author Commented:
Ok, I tried those settings in the security policy and still have no luck.
0
 
weedCommented:
Hmmm...dunno at this point. Hard to tell what's missing when I cant see it.
0
 
darvay1Author Commented:
Anything else you would recommend trying?
0
 
heteronymousCommented:
What version of OS X are you using ? Update to 10.3.3 at the very least, if the Macs are not there already.

Have you fully configured the necessary settings in /Applications/Utilities/Directory Access
on the Mac clients ?
0
All Courses

From novice to tech pro — start learning today.