• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 332
  • Last Modified:

Cannot map a shared folder between two Windows 2003 domains

I'm having trouble mapping a shared folder between two domains.

I have admin access on the local machine that is physically connected to the drive as well as Domain Admin credentials on the Domain controller.  When I am on a computer that is a member of this domain I can map the folder just fine.  However when I try to map the shared folder from my personal computer on a separate domain it refuses my login as if the password is wrong ( i have double checked the pasword).  Both of these Domains are in the same Forest.  Any Ideas?
0
tferro999
Asked:
tferro999
1 Solution
 
Jay_Jay70Commented:
make sure you specify the domain\adminaccount   and the the password

also check the persmissions on the share
0
 
tomerleiCommented:
try to run this command:
net use s: \\ComputerName\Share /user:YourDomainName\UserName YourPassword
0
 
TheCleanerCommented:
It's in the same forest but is there a trust setup correctly between the domains?
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
tferro999Author Commented:
I've created an account on the domain for myself as well as on the local computer that is connected to the drive where I want my share.  When I try either of the logon accounts, it just rejects them as if I had entered a wrong username or password.  

The larger domain here is in Native mode (no windows 2000 DCs) while the second domain where the member server that has my share is in Windows 2000 Native mode.

I verified that there is no trust between the two domains, but I was told that I do not need one since I have both local and domain logon accounts on the second domain.

I have verified that the accounts am I trying to use are Administrators as well as Domain Administrators.  The permissions on the actual share are setup correctly to allow access for both of these accounts.

Ive tried mapping the drive using the DOS "net use" command and it says unknown username or password

Any ideas why I cant map this thing?
0
 
TheCleanerCommented:
Can you map it at all with another username and password?
0
 
tferro999Author Commented:
I can map it from a PC on that domain using the same username and password with no problems.  Another user who asked me to figure this out has the same problem with his username and password.
0
 
TheCleanerCommented:
I'm really at a loss...have you got security auditing turned on for failures?  Do you see anything in the security logs that fail at that point?

What about mapping the drive using the default administrator account on the remote machine?
0
 
tferro999Author Commented:
I'll check the event viewer and see if it can shed any light.
0
 
TheCleanerCommented:
make sure failure auditing is on or you won't see anything.
0
 
tferro999Author Commented:
Here is the message from the event viewer

Logon Failure:
       Reason:            Unknown user name or bad password
       User Name:      acferro
       Domain:            ECONOMICS
       Logon Type:      3
       Logon Process:      NtLmSsp
       Authentication Package:      NTLM
       Workstation Name:      KENDO
       Caller User Name:      -
       Caller Domain:      -
       Caller Logon ID:      -
       Caller Process ID:      -
       Transited Services:      -
       Source Network Address:      132.239.206.57
       Source Port:      0
0
 
TheCleanerCommented:
Event id 529?

Is ECONOMICS the domain name you are trying to connect to, or from?
0
 
tferro999Author Commented:
Yep, Event ID 529.  Economics is the DOMAIN I am trying to connect to.
0
 
TheCleanerCommented:
Is the source network address correct??  How are the 2 domains connected physically?

Sorry for all the back and forth, I'm not sure what the deal is just trying to help you through it as another set of eyes.
0
 
tferro999Author Commented:
No worries, any help is appreciated.

The network address is correct, I am able to use RDP to get into this machine but cannot map the drive.  There are no trusts between these two domains.  The one I am on is a campus wide AD domain and the ECONOMICS Domain has its own DC within the forest.  

I was told that I don't need a trust between the two domains because I have an account on the Econ domain.
0
 
TheCleanerCommented:
that's right...I'm just not used to seeing a 132.x.x.x address on a private LAN...is there a firewall doing NATing between the 2 domains?  Have you ever been able to do this (map a drive between domains)?
0
 
tferro999Author Commented:
Do you know of any setttings in the local security policy or maybe even on the Domain Controller that would prevent me from mapping the drive?
0
 
TheCleanerCommented:
the only thing would be something like "access this computer from the network".  Make sure that Everyone is still there or you may have problems because it doesn't recognize your account as even being allowed to hit it.
0
 
TheCleanerCommented:
I'm not sure if the author ever got it working or not.  If not, I would say Delete.
0
 
tferro999Author Commented:
It never has worked for me.  

Someone on campus said that this might be due to a firewall restriction somewhere with the VPN services.

Should I just split points between everyone?
0
 
TheCleanerCommented:
Seems strange that a firewall policy would block this if the 2 domains are in the same forest.  Not sure why anyone would want to do that since that invalidates the reasoning behind having the trusts.


Up to you on the points split...nothing really got resolved...but if we helped you get to the realization that it wasn't the trust setup, etc. then you may award points for "effort".
0
 
tferro999Author Commented:
Your effort is appreciated.  Thanks for the help.
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now