Solved

Previously answered question -  Title: Mac Can no Longer Connect to one of our servers - with new user question

Posted on 2006-10-19
4
240 Views
Last Modified: 2013-11-13
After researching this issue here I found the answer under the following:

   

Home - All Topics - Networking - Mac Net. Q_21862435.html

One of the suggestions was to do the following:

1. Allow the mac to send clear text passwords, explaind here:
http://docs.info.apple.com/article.html?artnum=301580

2. Allow your Windows machine to accept packets that are not digitaly signed
Change this key at the server to 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\requiresecuritysignature

After completing these two steps our Mac user was able to connect without issue, but the next morning they ran into the same error. Upon checking the registry the setting had reverted to 1 instead of 0.

My question is this: what could be causing this to revert and how would I fix this?

Thank you,

John Hoffman
jhoffman@bernan.com
0
Comment
Question by:Kraus-IT
  • 2
4 Comments
 
LVL 7

Expert Comment

by:lukeca
ID: 17771395
That setting is controlled by domain security policy, which is what is changing it back.  Everytime the security policy is refreshed it will reset that registry key.

You need to follow these directions to change it permanently:

You need to go administrative tools, Domain Security Policy, Local Policies, Security Options, then for the entry "Microsoft network server: Digitally sign communications (always)" set it to disabled.  

Then you need to go to administrative tools, Domain Controller Security Policy, Local Policies, Security Options, then for the entry "Microsoft network server: Digitally sign communications (always)" set it to disabled.

Then open a command prompt and type "gpupdate /force" to apply the settings.  You may want to reboot to insure the settings have activated.

0
 
LVL 7

Accepted Solution

by:
lukeca earned 125 total points
ID: 17771406
Sorry you didn't say it was a domain controller.  If it is not a domain controller then you will go to administrative tools, Local Security Policy, Local Policies, Security Options, then for the entry "Microsoft network server: Digitally sign communications (always)" set it to disabled.  
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

SUMMARY Enterprise backup in a heterogeneous network is a subject full of complications and restrictions. Issues such as filename & path structure, attributes and extended metadata always tend to complicate the subject to the extent where either …
In this article we will discuss some EI Capitan Mail app issues and provide some manual process to resolve them.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now