tferro999
asked on
Cannot map a shared folder between two Windows 2003 domains
I'm having trouble mapping a shared folder between two domains.
I have admin access on the local machine that is physically connected to the drive as well as Domain Admin credentials on the Domain controller. When I am on a computer that is a member of this domain I can map the folder just fine. However when I try to map the shared folder from my personal computer on a separate domain it refuses my login as if the password is wrong ( i have double checked the pasword). Both of these Domains are in the same Forest. Any Ideas?
I have admin access on the local machine that is physically connected to the drive as well as Domain Admin credentials on the Domain controller. When I am on a computer that is a member of this domain I can map the folder just fine. However when I try to map the shared folder from my personal computer on a separate domain it refuses my login as if the password is wrong ( i have double checked the pasword). Both of these Domains are in the same Forest. Any Ideas?
try to run this command:
net use s: \\ComputerName\Share /user:YourDomainName\UserN
net use s: \\ComputerName\Share /user:YourDomainName\UserN
It's in the same forest but is there a trust setup correctly between the domains?
ASKER
I've created an account on the domain for myself as well as on the local computer that is connected to the drive where I want my share. When I try either of the logon accounts, it just rejects them as if I had entered a wrong username or password.
The larger domain here is in Native mode (no windows 2000 DCs) while the second domain where the member server that has my share is in Windows 2000 Native mode.
I verified that there is no trust between the two domains, but I was told that I do not need one since I have both local and domain logon accounts on the second domain.
I have verified that the accounts am I trying to use are Administrators as well as Domain Administrators. The permissions on the actual share are setup correctly to allow access for both of these accounts.
Ive tried mapping the drive using the DOS "net use" command and it says unknown username or password
Any ideas why I cant map this thing?
The larger domain here is in Native mode (no windows 2000 DCs) while the second domain where the member server that has my share is in Windows 2000 Native mode.
I verified that there is no trust between the two domains, but I was told that I do not need one since I have both local and domain logon accounts on the second domain.
I have verified that the accounts am I trying to use are Administrators as well as Domain Administrators. The permissions on the actual share are setup correctly to allow access for both of these accounts.
Ive tried mapping the drive using the DOS "net use" command and it says unknown username or password
Any ideas why I cant map this thing?
Can you map it at all with another username and password?
ASKER
I can map it from a PC on that domain using the same username and password with no problems. Another user who asked me to figure this out has the same problem with his username and password.
I'm really at a loss...have you got security auditing turned on for failures? Do you see anything in the security logs that fail at that point?
What about mapping the drive using the default administrator account on the remote machine?
What about mapping the drive using the default administrator account on the remote machine?
ASKER
I'll check the event viewer and see if it can shed any light.
make sure failure auditing is on or you won't see anything.
ASKER
Here is the message from the event viewer
Logon Failure:
Reason: Unknown user name or bad password
User Name: acferro
Domain: ECONOMICS
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: KENDO
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: 132.239.206.57
Source Port: 0
Logon Failure:
Reason: Unknown user name or bad password
User Name: acferro
Domain: ECONOMICS
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: KENDO
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: 132.239.206.57
Source Port: 0
Event id 529?
Is ECONOMICS the domain name you are trying to connect to, or from?
Is ECONOMICS the domain name you are trying to connect to, or from?
ASKER
Yep, Event ID 529. Economics is the DOMAIN I am trying to connect to.
Is the source network address correct?? How are the 2 domains connected physically?
Sorry for all the back and forth, I'm not sure what the deal is just trying to help you through it as another set of eyes.
Sorry for all the back and forth, I'm not sure what the deal is just trying to help you through it as another set of eyes.
ASKER
No worries, any help is appreciated.
The network address is correct, I am able to use RDP to get into this machine but cannot map the drive. There are no trusts between these two domains. The one I am on is a campus wide AD domain and the ECONOMICS Domain has its own DC within the forest.
I was told that I don't need a trust between the two domains because I have an account on the Econ domain.
The network address is correct, I am able to use RDP to get into this machine but cannot map the drive. There are no trusts between these two domains. The one I am on is a campus wide AD domain and the ECONOMICS Domain has its own DC within the forest.
I was told that I don't need a trust between the two domains because I have an account on the Econ domain.
that's right...I'm just not used to seeing a 132.x.x.x address on a private LAN...is there a firewall doing NATing between the 2 domains? Have you ever been able to do this (map a drive between domains)?
ASKER
Do you know of any setttings in the local security policy or maybe even on the Domain Controller that would prevent me from mapping the drive?
the only thing would be something like "access this computer from the network". Make sure that Everyone is still there or you may have problems because it doesn't recognize your account as even being allowed to hit it.
I'm not sure if the author ever got it working or not. If not, I would say Delete.
ASKER
It never has worked for me.
Someone on campus said that this might be due to a firewall restriction somewhere with the VPN services.
Should I just split points between everyone?
Someone on campus said that this might be due to a firewall restriction somewhere with the VPN services.
Should I just split points between everyone?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Your effort is appreciated. Thanks for the help.
also check the persmissions on the share