Solved

Cannot Properly connect to shares on a Windows 2003 Server using Active Directory

Posted on 2004-09-07
12
248 Views
Last Modified: 2013-11-17
I have my Macintosh Clients authenitcating via Active Directory on a Windows 2003 Server. The authentication works fine but when I go into connect to server, then type in smb://(name of the Windows 2003 server) it gives me the error:

"Could not connect to the server because the name or password is not correct"

However, when I use connect to server and type in smb://(name of a windows 2000 server) I can access the shares immediately and it does not ask me a username or password. I disabled "Microsoft Network Client: Digitally sign communications (always)" on the Windows 2003 Server. People on the Windows side have no trouble authenticating to smb shares on the 2003 server, but when they go to the Mac they cannot authenticate. I went through terminal to see if I could connect to the shares via smbclient and was able to.
0
Comment
Question by:darvay1
  • 5
  • 4
12 Comments
 
LVL 30

Expert Comment

by:weed
ID: 12001845
Try including the user/pass in the url. smb://user:pass@win2k3server. Also make sure the user and pass required are shorter than 8 characters....or is it 15?...cant remember. Try both.
0
 

Author Comment

by:darvay1
ID: 12005765
I tried smb://(a username):(a valid password)@(2003 server name) , both the login name and password are shorter than 8 characters, but I still get the "Could not connect to the server because the name or password is not correct" error.
0
 
LVL 30

Expert Comment

by:weed
ID: 12007484
Is there a password entry perhaps stored in your keychain for this server?
0
 

Author Comment

by:darvay1
ID: 12007845
No, there is only one administrator account on the local machine, so we are not using keychains. When I try to connect to a 2000 non domain control server in the same domain, I don't have to supply any credientials, it just uses the AD kerberos credientials I supplied when I logged in.
0
 
LVL 30

Expert Comment

by:weed
ID: 12007978
Dont assume that there arent any keychains just because you only have an admin account. They dont have anything to do with eachother.

Try this, from another EE question.

in "Domain Controller Security Policy" on the server
-> Security Settings -> local policies -> security options:
Domain member: Digitally encrypt or sign secure channel data (always): have put in on "Not Defined" instead off "enabled"
Microsoft Network server: Digitally sign communications (always): have put in on "Not Defined" instead off "enabled"
Microsoft Network server: Digitally sign communications (if client agrees): have put in on "Not Defined" instead off "enabled"
Microsoft Network client: Digitally sign communications (always): have put in on "disabled" instead off "Not Defined"
0
3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

 

Author Comment

by:darvay1
ID: 12008184
Ok, I tried those settings in the security policy and still have no luck.
0
 
LVL 30

Expert Comment

by:weed
ID: 12008221
Hmmm...dunno at this point. Hard to tell what's missing when I cant see it.
0
 

Author Comment

by:darvay1
ID: 12008281
Anything else you would recommend trying?
0
 
LVL 30

Accepted Solution

by:
weed earned 125 total points
ID: 12008371
I think at this point i'd backtrack and start over. Go through ALL the steps to setting it up again as though it had never been set up. Check ALL your settings etc. While you're at it, run the Pilot portion of Cocktail from www.versiontracker.com.
0
 
LVL 9

Expert Comment

by:heteronymous
ID: 12038725
What version of OS X are you using ? Update to 10.3.3 at the very least, if the Macs are not there already.

Have you fully configured the necessary settings in /Applications/Utilities/Directory Access
on the Mac clients ?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
screenshot part of desktop and past to MS Office Word. 7 60
OS X Mail will not connect to Microsoft Hosted Exchange 7 42
My MacBook is dogging... 4 36
apple tv fire 15 41
Information security is a multi-billion dollar industry. Just as lucrative is the black market industry which trades stolen identities, credit card numbers and software exploits all over the world. Nothing is hack-proof. The best one can do is make …
A common question or need, when setting-up a new Mac for someone would be to make all of the applications, installed, available from the dock. Many people often do not realize an application is installed unless it is in the dock. Creating a custo…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now