Previously answered question - Title: Mac Can no Longer Connect to one of our servers - with new user question

After researching this issue here I found the answer under the following:

   

Home - All Topics - Networking - Mac Net. Q_21862435.html

One of the suggestions was to do the following:

1. Allow the mac to send clear text passwords, explaind here:
http://docs.info.apple.com/article.html?artnum=301580

2. Allow your Windows machine to accept packets that are not digitaly signed
Change this key at the server to 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\requiresecuritysignature

After completing these two steps our Mac user was able to connect without issue, but the next morning they ran into the same error. Upon checking the registry the setting had reverted to 1 instead of 0.

My question is this: what could be causing this to revert and how would I fix this?

Thank you,

John Hoffman
jhoffman@bernan.com
Kraus-ITAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

 
lukecaCommented:
That setting is controlled by domain security policy, which is what is changing it back.  Everytime the security policy is refreshed it will reset that registry key.

You need to follow these directions to change it permanently:

You need to go administrative tools, Domain Security Policy, Local Policies, Security Options, then for the entry "Microsoft network server: Digitally sign communications (always)" set it to disabled.  

Then you need to go to administrative tools, Domain Controller Security Policy, Local Policies, Security Options, then for the entry "Microsoft network server: Digitally sign communications (always)" set it to disabled.

Then open a command prompt and type "gpupdate /force" to apply the settings.  You may want to reboot to insure the settings have activated.

0
 
lukecaCommented:
Sorry you didn't say it was a domain controller.  If it is not a domain controller then you will go to administrative tools, Local Security Policy, Local Policies, Security Options, then for the entry "Microsoft network server: Digitally sign communications (always)" set it to disabled.  
0

Experts Exchange Solution brought to you by ConnectWise

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.