• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 210
  • Last Modified:

New PC with WS2003 login into an existing domain.

Here are the facts,
1) we have a NT Domain running over a Samba Server under Linux platform through Windows Services.
2) every machine in the net runs Win98 and log into a Domain call "SISTEMAS" an into a workgroup with the same name.
3) we install a PC with Windows Server 2003, and the users i use to logon are the same that in the Win98 PCs. It gets access to the workgroup, but i can't tell it to log into the domain.
4) when we tell ws2k3 to log into the domain it ask to a user with authorization to do that, but no matter what user we use, it tells us that it has denied access.

What are we doing wrong (i suppose varius things but...)?
1 Solution
Your problem is related to stronger session encryption betwen server 2003 and Samba.
Windows 2003 uses strong session encription, kerberos, and digitaly signed sessions betwen computers. That is set as default on 2003.
You can disable some of those functions in Local security policy settings:
Local policies-security options

Domain menber digitaly encrypt or sign secure channel data - set to disable
Microsoft network server : Digitaly sign communications (always) - set to disable

There are some more security options you can disable in this section if that doesnt help, but it is not recommended to drop security settings to low.

Other suggestion is to upgrade your samba server to version 3. That way you can raise security in your domain. Samba 3 has higher compatibility with windows XP and 2003.

Hope this helps....


Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now