Solved

Windows 2003 SBS Authentication - WIndows XP CLients

Posted on 2004-09-14
3
171 Views
Last Modified: 2013-12-04
Hello All --

I have a win 2003 SBS Server w/ AD installed Exchange (in use) MS-ISA (Not in Use) and the rest of the "Family Pack"
of Microsoft Products that come with SBS 2K3


Here is my issue -

I have just configured a VPN with Netscreen NS5GT and the NetScreen Client Software -

I am able to Log in to the VPN no trouble - and ping any network address w/o issue - (internal 192.168.1.1)

I am using WIndows XP Pro clients

But I am not able to logon to the DOmain using either my account username password (domain\username) then password

or the Admnistrators account - all it does is re prompt me for the password and username

I am using a laptop which is not part of the domain.

I am trying to map a networtk drive thats all - not that special

I am however able to log on (over the vpn) to Terminal Services (running on the server)

I am also able to log on to a Workstation on the network, again mapping a network drive \\domainmemeber\share

it maps just fine -

I have encountered these "will not log onto share" period errors in the past... but have not been able to fix this one yet...


Please Advise -

Robert
0
Comment
Question by:rbollinger1212
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 15

Accepted Solution

by:
harleyjd earned 500 total points
ID: 12071291
THis is probably a furfy, but try disabling SMB signing on Group Policy Management.

In Default Domain Controller Policy

CompCon
+Windows Settings
 +Security Settings
  +Security options

set to disabled:
Domain Member: Digitally Encrypt or sign secure channel data (Always)
Microsoft Network Server: Digitally Sign Comminications (Always)
Microsoft Network Server: Digitally Sign Comminications (if client agrees)
0
 

Author Comment

by:rbollinger1212
ID: 12086211
Good Advice ... But Here is what I found out...


 After much toiling I discovered this...


 - I was able to access the server resources from the laptop when I plugged in to the network from the "Trust" zone.
 - I was able to ping the server over the VPN
 - Packet fragmentation was disabled on the Firewall (SO that fragmented packets could get through)
 

 Another person using a different dial up connection was able to access the VPN and map network drives over the VPN.


 Earthlink Blocks Passing Encrypted packets over there Dial-up Connections -

Earthlink allows you to establish a VPN SA.

SO you think it must be working no one is blocking anything - except that earthlink is blocking the encrypted packets.

I hate earthlink - this took 12 hours to solve...

As far as I was able to map a share to a different system, I was able to do that because encryption was turned off or at least i think so...

I went home and tried again over my T1 and sure enough I was able to map a network drive.... again... I hate earthlink...


I got this info from the NetScreen Tech Support people...


Robert
0
 
LVL 15

Expert Comment

by:harleyjd
ID: 12086313
Far out. Well done Robert...

0

Featured Post

IoT Devices - Fast, Cheap or Secure…Pick Two

The IoT market is growing at a rapid pace and manufacturers are under pressure to quickly provide new products. Can you be sure that your devices do what they're supposed to do, while still being secure?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question