Solved

Windows 98 clients on Windows 2003 Server Domain logon problems if users have a password

Posted on 2004-09-15
15
226 Views
Last Modified: 2008-02-01
The specific problem I have is that having set up a Windows 2003 Server with a variety of clients from Windows 98 to Windows 2000 to Windows XP, the Windows 98 clients seem unable to process a logon if the user has any password at all.

Win 2k and XP clients have no problem but trying to log on from Windows 98 results in the error message about your domain password being incorrect or access to logon server being denied.  If you then reset the user's password to blank you can successfully log on from any client including Windows 98.

I have tried the Microsoft solution in Community Solutions Article 555038 but to no avail.  So I have installed IE 6, Enabled NTLM2 Authentication, Enabled SMB Signing, installed DSClient etc.

Is it to do with the default policies that are put in place on a Windows 2k3 server?  If so what ones do I turn off? I step by step guide would be useful.
0
Comment
Question by:Phill_b1
  • 5
  • 4
  • 3
15 Comments
 

Expert Comment

by:dokpik
ID: 12066849
Do you have WINS installed, if not do so and this will fix the problem..
0
 

Expert Comment

by:dokpik
ID: 12066890
98 as well as 95 machines rely on netbios to communicate through the network and since 2003 utilizes DNS, these machines cannot communicate with the network even if DNS is configured properly on them....just make sure you install WINS and set it up correctly.......I went through the exact same problem during a migration after installing and configuring WINS the 95 machines even worked.

Good Luck,

dokpik
0
 

Author Comment

by:Phill_b1
ID: 12066954
WINS is installed on the 2k3 server and it appears to be running ok.  The Windows 98 clients point to the 2k3 server as the DNS server and the WINS server.  I noticed that the option to use NetBIOS over TCP/IP was greyed out in the Network properties of the 98 clients.

Should I follow the Microsoft solution at all?  Do I need to install DSClient?  I did all the reg fixes in 98 as per Microsoft instruction, couldn't find the article to do with hotfix Q323466.
0
 
LVL 18

Expert Comment

by:crissand
ID: 12067446
Install DSclient. Configure all workstation to authenticate from the domain (I guess you've done that), and, when compouter starts to see:
User name:
Password:
Domain:
Use the netbios name of the domain here.

Run the next registry file on all workstation, to disable saving windows password:

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Network]
"HideSharePwds"=dword:00000001
"DisablePwdCaching"=dword:00000001

Restart wins service on the server.
0
 

Expert Comment

by:dokpik
ID: 12067471
Install the DSClient from a 2000 Pro CD not the one from the download site. Send me an email at administrator@sjhsnights.com with address and I will send you the client I utilized.
0
 

Author Comment

by:Phill_b1
ID: 12069945
dokpik, I tried sending you an email but it bounced back.

I've got a 2000 Server CD so I presume I have the correct DSClient.

Do I need to change any default Group Policy settings on the server?  Like setting LM and NTLM responses?
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 18

Expert Comment

by:crissand
ID: 12070222
As I remember the default is good enough.
0
 

Author Comment

by:Phill_b1
ID: 12099806
Thanks.  Will try it this week.
0
 

Author Comment

by:Phill_b1
ID: 12102626
Have tried just putting DSlient on the client computers on one of my customers' networks and its no different.  If the user has no password you can log straight in, but if they have any sort of password at all then you get the message and you can't log in!
0
 
LVL 18

Expert Comment

by:crissand
ID: 12107417
The user must have a domain password and the computer must get the user list from the domain. Do you have the logon screen:

User name
Password
Domain

Have you run the reg file I wrote?

How Windows starts, in the network properties there is Windows Logon or Network Logon? It must be Network logon.
0
 

Author Comment

by:Phill_b1
ID: 12171326
Yes I did everything you said but still the same problem.

I am sure it is server related as I connected some Win 98 clients to an existing Win 2k3 server successfully.  The installers of this server must have done something to allow them to connect because I didn't and I didn't do anything to the Win98 clients to get it to work.

I thought that there must be a policy somewhere that has been disabled.
0
 
LVL 18

Accepted Solution

by:
crissand earned 125 total points
ID: 12171455
Verify the nic of the server: The Firewall must be disabled and the Authetication to be disabled too. Go to TCP/IP properties and enable netbios over tcp/ip.

On windows 98 you don't have ipsec, so disable it on the server. If you enable it, download and install the client from microsoft: http://www.microsoft.com/windows2000/server/evaluation/news/bulletins/l2tpclient.asp

The Group policy does not apply on Windows 98. The kerberos authetication does'n't work.

I think this is enough.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Resolve DNS query failed errors for Exchange
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now